All Documents
Current Document
Content is empty
If you don't find the content you expect, please try another search term
Content is empty
If you don't find the content you expect, please try another search term
Last updated:2021-03-15 15:39:38
Before applying for a certificate, you must submit a CSR file for identity authentication and generation of a certificate public key file. When you generate a CSR file, a private key file is also generated. Keep the private key file confidential and back up the private key file.
openssl req -new -nodes -sha256 -newkey rsa:2048 -keyout myprivate.key -out mydomain.csrNote: The data entered here must be consistent with the data that you entered when you completed the certificate request.
| Field | Description | Example | Restrictions |
|---|---|---|---|
| Country Name | ISO country code | CN | Two capital English characters |
| State or Province Name | State or province name | Beijing | Chinese or English. |
| Locality Name | City name | Beijing | Chinese or English. |
| Organization Name | Organization name | Beijing Kingsoft Cloud Internet Technology Co., Ltd. | Chinese or English. |
| Organizational Unit Name | Unit name | Product Dept. | Chinese or English. |
| Common Name | Domain name | www.ksyun.com | N/A |
| Email Address | N/A | N/A | This field is not required. |
| A challenge password | N/A | N/A | This field is not required. |
| An optional company name | N/A | N/A | This field is not required. |
[root@xxxx ~]# openssl req -new -nodes -sha256 -newkey rsa:2048 -keyout myprivate.key -out mydomain.csr
Generating a 2048 bit RSA private key
............................+++
...................+++
writing new private key to 'myprivate.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Beijing
Locality Name (eg, city) [Default City]:Beijing
Organization Name (eg, company) [Default Company Ltd]:Beijing xxx Technologies.Inc.
Organizational Unit Name (eg, section) []:IT Dept
Common Name (eg, your name or your server's hostname) []:www.myhost.com
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:The following files are generated and saved in the current directory: private key file private.key and CSR file domain.csr.
Execute the keytool -genkey -alias cert -keyalg RSA -keysize 2048 -keystore ./domain.jks command.
Enter the certificate protection password and the following data as prompted:
Note: The data entered here must be consistent with the data that you entered when you completed the certificate request.
| Question | Description | Example | Restrictions |
|---|---|---|---|
| What is your first and last name? | Domain name | www.ksyun.com | N/A |
| What is the name of your organizational unit? | Unit name | Product Dept. | Chinese or English. |
| What is the name of your organization? | Organization name | Beijing Kingsoft Cloud Internet Technology Co., Ltd. | Chinese or English. |
| What is the name of your City or Locality? | City name | Beijing | Chinese or English. |
| What is the name of your State or Province? | State or province name | Beijing | Chinese or English. |
| What is the two-letter country code for this unit? | ISO country code | CN | Two capital English characters |
Verify that you have entered the data correctly and enter Y as prompted.
Enter the key password.
Use the certificate file to generate the CSR file.
keytool -certreq -sigalg SHA256withRSA -alias mycert -keystore ./mydomain.jks -file ./mydomain.csr
Pure Mode