[BlueOnyx:06368] Re: [bluequartz] Re: 2048 bit CSR?

Ken - Precision Web Hosting, Inc kenlists at precisionweb.net
Sat Jan 22 22:22:52 -05 2011 

----- Original Message ----- 
From: "Eiji Hamano (bluequartz)" <bluequartz at hypersys.ne.jp>
To: "BlueOnyx General Mailing List" <blueonyx at blueonyx.it>
Sent: Saturday, January 22, 2011 12:35 AM
Subject: [BlueOnyx:06366] Re: [bluequartz] Re: 2048 bit CSR?


> Hi  Ken
>
> I am still  unclear in the problem 2048 bit CSR.
>
>>> then I copy in the
>>> cerfiticate, key, and request   to the certs directory
>
> But "openssl req -new"  makes key, and request,  not cerfiticate file.
> Was the cerfiticate file created from the GUI ?
>
> If so, I did it.  But error on certificate 2 from the GUI  fiest.
> The error msg was ;
>
> ## The imported certificate does not contain the private key for this
> certificate,
> ## and the private key currently on the server does not match this
> certificate.
> ## If importing a certificate not created on this server,
> ## the RSA private key must be included in the imported certificate file.
>
> Would you advice me again ?
>
> Eiji
>
>
>
>>> Ken wote ;
>>>
>> cd /etc/admserv
>> openssl req -new -newkey rsa:2048 -keyout key -nodes -out request
>> Generating a 2048 bit RSA private key
>> ..........................................+++
>> ..............+++
>> writing new private key to 'key'
>> -----
>> You are about to be asked to enter information that will be incorporated
>> into your certificate request.
>> What you are about to enter is what is called a Distinguished Name or a
>> DN.
>> There are quite a few fields but you can leave some blank
>> For some fields there will be a default value,
>> If you enter '.', the field will be left blank.
>> -----
>> Country Name (2 letter code) [GB]:US
>> State or Province Name (full name) [Berkshire]:California
>> Locality Name (eg, city) [Newbury]:Valley Center
>> Organization Name (eg, company) [My Company Ltd]:Precision Web Hosting,
>> Inc.
>> Organizational Unit Name (eg, section) []:WebDev
>> Common Name (eg, your name or your server's hostname)
>> []:www.yourdomain.com
>> Email Address []:ssladmin at precisionweb.net
>> Please enter the following 'extra' attributes
>> to be sent with your certificate request
>> A challenge password []:
>> An optional company name []:
>> ?
>> ?
>> cat request
>>
>> The "request" is the CSR. After you get the certificate then I copy in 
>> the
>> cerfiticate, key, and request to the certs directory.  Then from the GUI,
>> import the  certificate 2, certificate 1, then root cert in that order.
>


Eiji

After I get the cert, I just paste it into the certificate file using
nano -w  certificate

Then paste.

----
Ken M
Precision Web Hosting, Inc.
http://www.precisionweb.net

More information about the Blueonyx mailing list