[BlueOnyx:06374] Re: [bluequartz] Re: 2048 bit CSR?

Eiji Hamano (bluequartz) bluequartz at hypersys.ne.jp
Sun Jan 23 23:10:01 -05 2011 

>> Hi  Ken
>>
>> I am still  unclear in the problem 2048 bit CSR.
>>
>>>> then I copy in the
>>>> cerfiticate, key, and request   to the certs directory
>>
>> But "openssl req -new"  makes key, and request,  not cerfiticate file.
>> Was the cerfiticate file created from the GUI ?
>>
>> If so, I did it.  But error on certificate 2 from the GUI  fiest.
>> The error msg was ;
>>
>> ## The imported certificate does not contain the private key for this
>> certificate,
>> ## and the private key currently on the server does not match this
>> certificate.
>> ## If importing a certificate not created on this server,
>> ## the RSA private key must be included in the imported certificate file.
>>
>> Would you advice me again ?
>>
>> Eiji
>>
>>
>>
>>>> Ken wote ;
>>>>
>>> cd /etc/admserv
>>> openssl req -new -newkey rsa:2048 -keyout key -nodes -out request
>>> Generating a 2048 bit RSA private key
>>> ..........................................+++
>>> ..............+++
>>> writing new private key to 'key'
>>> -----
>>> You are about to be asked to enter information that will be incorporated
>>> into your certificate request.
>>> What you are about to enter is what is called a Distinguished Name or a
>>> DN.
>>> There are quite a few fields but you can leave some blank
>>> For some fields there will be a default value,
>>> If you enter '.', the field will be left blank.
>>> -----
>>> Country Name (2 letter code) [GB]:US
>>> State or Province Name (full name) [Berkshire]:California
>>> Locality Name (eg, city) [Newbury]:Valley Center
>>> Organization Name (eg, company) [My Company Ltd]:Precision Web Hosting,
>>> Inc.
>>> Organizational Unit Name (eg, section) []:WebDev
>>> Common Name (eg, your name or your server's hostname)
>>> []:www.yourdomain.com
>>> Email Address []:ssladmin at precisionweb.net
>>> Please enter the following 'extra' attributes
>>> to be sent with your certificate request
>>> A challenge password []:
>>> An optional company name []:
>>> ?
>>> ?
>>> cat request
>>>
>>> The "request" is the CSR. After you get the certificate then I copy in
>>> the
>>> cerfiticate, key, and request to the certs directory.  Then from the 
>>> GUI,
>>> import the  certificate 2, certificate 1, then root cert in that order.
>>
>
>
> Eiji
>
> After I get the cert, I just paste it into the certificate file using
> nano -w  certificate
>
> Then paste.

Hi  Ken ;

I have been using  Noepad to paste it for 10 years with no problem.
I pasted certificate 2  to certificate2.txt,
I pasted certificate 1  to certificate1.txt.
>From the GUI,   error with certificate2.txt,
No error certificate1.txt.

Hi  Gerald ;

The cert vendor is http://www.rapid-ssl.jp/
Eiji Hamano

More information about the Blueonyx mailing list