beautypg.com

E.2. registering a domain name, E.3. generating a certificate signing request – Gasboy Fleet Head Office System User Manual

Page 367

background image

365

E.2. REGISTERING A DOMAIN NAME

SSL Certification requires the assignation of a domain name to the FHO Web Server.

While generating a CSR, users are required to enter a Common Name, namely the Host Name (i.e.:
www.mydomain.com, mydomain.com).

The certification applies to the precise Common Name specified during this process and the
posterior enrollment to the Certification Authority. For example, a certificate issued for the domain
"mydomain.com" does not certifies a site named "www.mydomain.com".

The reservation and registration of Domain Names is managed by Domain Name Registrars,
licensed by the Internet Corporation for Assigned Names and Numbers (ICANN) or by a national
authority.

The list of ICANN accredited registrars is provided for reference below:

http://www.iana.org/domains/root/db/

E.3. GENERATING A CERTIFICATE SIGNING REQUEST

In order to purchase an SSL Certificate from a Certification Authority, a certificate signing request
(CSR) has to be generated.
The CSR contains information identifying the FHO server and the public key. The corresponding
private key is not included in the CSR, but is used to digitally sign the entire request.
The utility OpenSSL is used to generate the key and CSR. This utility comes with the OpenSSL
package and is usually installed under /usr/local/ssl/bin.
Proceed as follows:
1. Generate the Key utilizing the following command:

$ openssl genrsa -des3 -out

CommonName.key 1024

This command generates a 1024 bit RSA Private Key and stores it in the file

CommomName.key

2. Enter a pass phrase. Omit the -des3 option above for not to include a pass phrase to protect the

key, or in cases where running Apache on Windows as this option does not work on Windows

NOTE

If including a passphrase, the same passphrase has to
be entered after restarting the server.

3. Backup the

CommomName.key file and make a note of the pass phrase if any

4. Generate the CSR utilizing the following command:

$ openssl req -new -key

CommomName.key -out CommomName.csr

This command prompts for the attributes of the certificate:

Country Name (two-letter code):
State or Province Name (full name):
Locality Name:
Organization Name:
Organizational Unit Name:
Common Name: (i.e.:

www.mydomain.com)

FMS and FHO User’s Manual - MDE-4821