![[Contents]](FIGURE/CONTENT.GIF)
uCosminexus Application Server, HTTP Server User Guide
![[Glossary]](FIGURE/GLOSS.GIF)
![[Index]](FIGURE/INDEX.GIF)
![[Back]](FIGURE/FRONT.GIF)
![[Next]](FIGURE/AFTER.GIF)
This subsection provides examples of how to use the keygen and certutil commands. The information provided in the following examples, such as for the Common Name item, is fictitious, and any connection with real individuals is purely coincidental.
The following example shows how to use the keygen command to generate a private key.
# keygen -rand file -des3 -out httpsdkey.pem -bits 1024 Adding 'entropy' into random generator 372 random bytes loaded RSA Key Generation e= 65537, bits= 1024, primes= 2 Enter PEM passphrase: <--- Enter a password. Verifying password - Enter PEM passphrase: <--- Re-enter the password. Key generation successful # |
-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,0150E8E9D7CFAD87 3iQQl5s4ZSjup+XdoHwXj1lyERYFLczMMt5HNbp0+NPFz8f9iRSeIHZAPZIFG4DM ajlmwoH5ovB7GbCUXhnb9/sj6biD38abyqON3XDoXB0/h6RTNx4bfIR6H0/3EMsF dNZzC5g2kiHppSuToVe8m6bAM+XNqt6Fq684muZ7t9m4/gVk0nm7ac/OdUuqTN5v DUE2VPav9OnPd+ZM4s4W31SUs+3b1/UJ2UXFmJFwd6SJ58IKa/d179tHTHndawAE T1yHEOpAiOOjFj8v3FzHGtqnGMU4dBHsc8PbJIHxJGxPH13X0v69aypzFwi/iNXP mQmFIxl3KJmPVkuXeNksIkELGJiWuXIJsKVueIWxDoQjHRezOl0nvjh74mJkknSB GXJMdZfC2IJkHRpMqiliT84WlFJaSobtRvtAfTi/Zq3g/kjvIs451HAQ3m3AUwaa JjbAqOa2NuTv0URoNKUDKJWK+DQmYLwBLux2hqjpHWxaHMrndqUY8VqU7Nj9SPn3 H7nwu49krgw+/ZG/Y3u+6SRsXLbRUimMtStlKRTm3ECmeFRzm4Csjch/ysGNO0hj AZxQNdD4tQapNmh164CB+XUEPLjEi3QiT56TYvGzNcSn59vtvY8351eGxXV2++Qf U8nK7x+6I8Relt1UldDE7h2jHqPWgdHxrzlR6/fwZK4kamQH8qSUfeJr8uVyyr85 izpFPX1/jwueEFLWVmoGu95gkxVRLUotFMWUc+z5FTiUmfDGD/IgCIUB/v54nOWh X7YVUeWz8W2WZst2P4qm4v71DOEeWRgPIgS1jCVRI6WUTPKGPi+USQ== -----END RSA PRIVATE KEY----- |
This subsection explains how to use the certutil reqgen command to create a Certificate Signing Request (CSR). Submit the created CSR file to a CA to receive a signed certificate. Note that if you set a password when creating the private key of the Web server, you are also requested to enter the private key password when creating the CSR.
Specify the items and contents according to the instructions provided by the CA to which the CSR is submitted.
# certutil reqgen -sign SHA1 -key httpsdkey.pem -out httpsd.csr Enter PEM passphrase: <--- Enter the private key password. Country Name (2 letter code) :JP State or Province Name (full name) :Kanagawa Locality Name (eg, city) :Yokohama-shi Organization Name (eg, company) :HITACHI Organizational Unit Name (eg, section) :WebSite Common Name (eg, YOUR name) :www.hws.hitachi.co.jp Email Address : Subject: C=JP,ST=Kanagawa,L=Yokohama-shi,O=HITACHI,OU=WebSite,CN=www.hws.hitachi.co.jp A certificate signing request was successfully created # |
-----BEGIN CERTIFICATE REQUEST----- MIIBuzCCASQCAQAwezEeMBwGA1UEAxMVd3d3Lmh3cy5oaXRhY2hpLmNvLmpwMRAw DgYDVQQLEwdXZWJTaXRlMRAwDgYDVQQKEwdISVRBQ0hJMRUwEwYDVQQHEwxZb2tv aGFtYS1zaGkxETAPBgNVBAgTCEthbmFnYXdhMQswCQYDVQQGEwJKUDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEArZZyYumQcY8h4AppAz447H9R+Srzrt08eSzr yZT8HYrDXz9I8XH6bMMahO4M6u2YI9iVzepQU1uI0f8bCwkFageBWwVQmDwcyJYf 1kY5X+2OgFEYV8CTu7I+A70VlYHobpM/FlBkzUVWD9/fTob0ALYNF9eTbFAL0c6U sJBZfSsCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAEiq+yGSVblaOuljyrAei9r3 n5mXtE5KXzQRz0cy6N5BaEV0l9KOtUaTCallsZmQdZ/6dZRSaE27xf/2UF3UxlCC 0+qrG10iQgDe5huSsqBnGGghJB2OPVUJh5S7YC6Ub6HRdOzq7H+D0qvsBC2C0dA/ cCkp8UsRzIjlDW8SVBZO -----END CERTIFICATE REQUEST----- |
All Rights Reserved. Copyright (C) 2012, Hitachi, Ltd.