E.2. registering a domain name, E.3. generating a certificate signing request – Gasboy Fleet Head Office System User Manual
Page 367

365
E.2. REGISTERING A DOMAIN NAME
SSL Certification requires the assignation of a domain name to the FHO Web Server.
While generating a CSR, users are required to enter a Common Name, namely the Host Name (i.e.:
www.mydomain.com, mydomain.com).
The certification applies to the precise Common Name specified during this process and the
posterior enrollment to the Certification Authority. For example, a certificate issued for the domain
"mydomain.com" does not certifies a site named "www.mydomain.com".
The reservation and registration of Domain Names is managed by Domain Name Registrars,
licensed by the Internet Corporation for Assigned Names and Numbers (ICANN) or by a national
authority.
The list of ICANN accredited registrars is provided for reference below:
E.3. GENERATING A CERTIFICATE SIGNING REQUEST
In order to purchase an SSL Certificate from a Certification Authority, a certificate signing request
(CSR) has to be generated.
The CSR contains information identifying the FHO server and the public key. The corresponding
private key is not included in the CSR, but is used to digitally sign the entire request.
The utility OpenSSL is used to generate the key and CSR. This utility comes with the OpenSSL
package and is usually installed under /usr/local/ssl/bin.
Proceed as follows:
1. Generate the Key utilizing the following command:
$ openssl genrsa -des3 -out
CommonName.key 1024
This command generates a 1024 bit RSA Private Key and stores it in the file
CommomName.key
2. Enter a pass phrase. Omit the -des3 option above for not to include a pass phrase to protect the
key, or in cases where running Apache on Windows as this option does not work on Windows
NOTE
If including a passphrase, the same passphrase has to
be entered after restarting the server.
3. Backup the
CommomName.key file and make a note of the pass phrase if any
4. Generate the CSR utilizing the following command:
$ openssl req -new -key
CommomName.key -out CommomName.csr
This command prompts for the attributes of the certificate:
Country Name (two-letter code):
State or Province Name (full name):
Locality Name:
Organization Name:
Organizational Unit Name:
Common Name: (i.e.:
www.mydomain.com)
FMS and FHO User’s Manual - MDE-4821