Hitachi

JP1 Version 12 JP1/IT Desktop Management 2 - Smart Device Manager


G.2 Creating a Certificate Signing Request (CSR) (openssl.bat req command)

This section describes how to use the certutil reqgen command to create a Certificate Signing Request (CSR). The created CSR file is submitted to the CA, which then issues the signed certificate. The CSR is created in the format conforming to PKCS #10.

Format

openssl.bat req -new [-md5|-sha1|-sha224|-sha256|-sha384|-sha512] -key key-file -out CSR-file

Operand

[-md5|-sha1|-sha224|-sha256|-sha384|-sha512]

Specify the signature algorithm used when the CSR is created.

  • -md5: md5WithRSAEncryption is used.

  • -sha1: sha1WithRSAEncryption is used.

  • -sha224: sha224WithRSAEncryption is used.

  • -sha256: sha256WithRSAEncryption is used.

  • -sha384: sha384WithRSAEncryption is used.

  • -sha512: sha512WithRSAEncryption is used.

If this operand is omitted, -sha256 is assumed.

-key key-file

Specify the Web server private key file. Specify the private key file created by using the keygen command.

-out CSR-file

Specify the file to which the created CSR is output.

Example

To create a Certificate Signing Request (CSR) by using the Web server private key file httpsdkey.pem, specify as follows:

openssl.bat req -new -sha256 -key httpsdkey.pem -out httpsd.csr

If you have set a password when creating the private key for the Web server, you are prompted to enter the password. For the items to be set, follow the instructions from the CA to which you submit the Certificate Signing Request (CSR).