This subsection provides examples of how to use the keygen and certutil commands. The information provided in the following examples, such as for the Common Name item, is fictitious, and any connection with real individuals is purely coincidental.
The following example shows how to use the keygen command to generate a private key.
# keygen -rand file -des3 -out httpsdkey.pem -bits 1024 |
-----BEGIN RSA PRIVATE KEY----- |
This subsection explains how to use the certutil reqgen command to create a Certificate Signing Request (CSR). Submit the created CSR file to a CA to receive a signed certificate. Note that if you set a password when creating the private key of the Web server, you are also requested to enter the private key password when creating the CSR.
Specify the items and contents according to the instructions provided by the CA to which the CSR is submitted.
# certutil reqgen -sign SHA1 -key httpsdkey.pem -out httpsd.csr |
-----BEGIN CERTIFICATE REQUEST----- |