FavoriteLoadingAdd to favorites

To generate a Certificate Signing Request (CSR), a key pair must be created for the server. These two items are a public key and a private key pair and cannot be separated. JBoss HTTP Server (Apache) is a very custom environment and your system may differ. Below are generalized instructions. The utility “openssl” is used to generate the key and CSR. This utility comes with the OpenSSL package and is usually installed under /usr/local/ssl/bin. If you have a custom installation, you will need to adjust these instructions appropriately.

To generate a CSR on JBoss HTTP Server  perform the following.

Step 1: Generating your private key pair:

  1. On the Apache system type the following command at the prompt.
    openssl genrsa -des3 -out <private key file name>.key 2048
  2. Example:
    CSR Apache
    Note:  If you do not wish to use a Pass Phrase, do not use the -des3 command. It will however leave the private key unprotected.

Step 2: Generating your CSR:

  1. Type the following command at the prompt.
    openssl req -new -key <private key file name>.key -out <csr file name>.csr
  2. Example:
    Note: If using openSSL on Windows, you may need to specify the path to openssl.cnf such as the following: openssl req -new -key <private key file name>.key -config “c:\Apache Software Foundation\Apache2.2\conf\openssl.cnf” -out <csr file name>.csr
  3. Enter the requested information:
    • Country Name: Use the two-letter code without punctuation for country, for example: US or CA.
    • State or Province: Spell out the state completely; do not abbreviate the state or province name, for example: Massachusetts
    • Locality or City: The Locality field is the city or town name, for example: Boston. Do not abbreviate. For example: Saint Louis, not St. Louis
    • Company: If the company or department has an &, @, or any other symbol using the shift key in its name, the symbol must be spelled out or omitted, in order to enroll. Example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
    • Organizational Unit: The Organizational Unit (OU) field is the name of the department or organization unit making the request. To skip the OU field, press Enter on the keyboard.
    • Common Name: The fully-qualified domain name, or URL, you’re securing. for example “www.domain.com”. If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.domain.com.
    • Note: You might be prompted to associate a password for your CSR. Leave this blank and press Enter. Associating a password with your CSR will encrypt it and will cause issues with enrollment.

A public/private key pair has now been created. The private key (www.domain.com.key) is stored locally on the server (remember its location and name as it will be required for Installation). The public portion, in the form of a csr (request.csr), will be used enrollment.

Your private key pair has now been created on this system. Your CSR request has been created and is ready for you to copy and paste its contents into the enrollment portal.

If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.

JBoss Support:
For more information refer to JBoss

For JBoss HTTP Server installation instructions click here.

FavoriteLoadingAdd to favorites

About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.