60
ACS Advanced Console Server Command Reference Guide
Digital Certificates
Certificate for HTTP security
The following procedure enables you to obtain a Signed Digital Certificate. A certificate for the
HTTP security is created by a Certification Authority (CA). Certificates are most commonly
obtained through generating public and private keys using a public key algorithm like RSA or
X.509. The keys may be generated by using a key generator software.
To obtain a signed digital certificate:
1.
Enter the OpenSSL command. Key generation may be done using the OpenSSL package using
the following command:
# openssl req -new -nodes -keyout private.key -out public.csr
The Certificate Signing Request (CSR) generated by the command contains some personal or
corporate information and its public key.
Table 3.12: Required Information for the OpenSSL Package
Parameter
Country Name (2 letter code)
State or Province Name (full name)
Locality Name
Organization Name
Organizational Unit Name
Common Name
Email Address
2.
Submit the CSR to CA for approval. This service may be requested by accessing the CA's web
site. Visit pki-page.org for a list of CAs.
3.
Once approved, CA sends the certificate file to the originator. The certificate is stored on a
directory server. The following procedures describe the certificate installation process.
Description
The country code consisting of two letters.
Provide the full name (not the code) of
the state.
Enter the name of your city.
Organization for which you are obtaining the
certificate.
Department or section where you work.
Name of the server where the certificate should
be installed.
Your email address or the administrator's
email address.