How to Generate a CSR for Sybase Manage Anywhere Studio

A key pair must be created for the server in order to generate a CSR. It is important for the key pair and the digital certificate to not be separated. If the password or the public/private key file is lost or amended before the SSL certificate is installed, the SSL certificate will need to be re-issued. In order for the installation to be successful, the private key, CSR, and the digital certificate must all match.

The CSR needs to contain the following attributes:

Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California.
Locality or City (L): The Locality field is the city or town name, for example: Berkeley.
Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corportation or XY and Z Corportation.
Organizational Unit (OU): This field is the name of the department or organization unit making the request.
Common Name (CN): The Common Name is the Host + Domain Name. It looks like "www.company.com" or "company.com".

Note: SSL certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain "domain.com" will receive a warning if accessing a site named "www.domain.com" or "secure.domain.com", because "www.domain.com" and "secure.domain.com" are different from "domain.com".

Generate a Private Key Pair
  1. Under Administrative Toolsopen Internet Services Manager.

  2. Open the Properties window by right-clicking on the name of the Web site you wish to secure.

  3. Click the Directory Security tab.

  4. Click Server Certificate in the Secure communications section. If you have not used this option before the Edit button will not be active.

  5. Select Create a new certificate

  6. Select Prepare the request now, but send it later. VeriSign only accepts CSRs through the enrollment process forms. We do not accept CSRs over email.

  7. Complete the information requested by the IIS Certificate Wizard to create a private key that is stored locally on your server and a public key (the Certificate Signing Request) that you will use during the enrollment process. You have successfully generated a CSR file. See Terms Defined if you have questions about any of the information requested.

  8. Click Finish to exit the IIS Certificate Wizard. A CSR file has been generated.

  9. Verify your CSR

  10. Go to the enrollment form and paste the information into the form when prompted for the CSR.


BACK