How to Generate a CSR for BEA Weblogic 8.0
You will need to create a key pair for your server to generate a CSR. These two items are a digital certificate key pair and must not be separated. Losing your public/private key file or password will result in you havinf to generate a new one, causing your SSL Certificate to no longer match. You will have to order a new SSL Certificate and which may result in a charge.
Step 1: Generate a Keystore and Private Key
1. Create a certificate keystore and private key by executing the following keytool command:
Note: The keytool utility is located in your JDK's "\bin" directory
C:\bea\jdk\bin\keytool -genkey -alias(your_alias_name)-keyalg RSA -keystore (your_keystore_filename)-keysize 2048
2. Specify a password. The default value will be "changeit". Hit Enter if you want to keep the default password. If you use a different password, you will need to specify a custom password in the server.xml configuration file.
Step 2: Generate a CSR
1. The CSR is then created using the following command:
C:\bea\jdk\bin\keytool -certreq -keyalg RSA -alias (your_alias_name) -file certreq.csr -keystore (your_keystore_filename)
2. This command will prompt for the following X.509 attributes of the certificate:
First and last name (Common Name (CN): Enter the domain of your website (i.e. www.myside.org) in the "first- and lastnam" field.. It looks like "www.company.com"; or "company.com".
Country Name (C):Use the two-letter code without punctuation for country, for example: US or CA.
State or Province (S):Spell out the state completely; do not abbreviate the state or province name, for example: California.
Locality or City (L): The Locality field is the city or town name, for example: Berkeley.
Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corportation or XY and Z Corportation.
Organizational Unit (OU): This field is the name of the department or organization unit making the request.
Note: SSL certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain "domain.com" will receive a warning if accessing a site named "www.domain.com"; or "secure.domain.com", because "www.domain.com" and "secure.domain.com" are different from "domain.com".
3. Verify your CSR
4. To copy and paste the file certreq.csr into the enrollment form, open the file in a text editor that does not add extra characters (Notepad or Vi are recommended).
BACK