| Version 7 (modified by , 8 years ago) ( diff ) |
|---|
This website details the process of creating a certificate
https://www.digicert.com/csr-creation-apache.htm
- On the host VM create the following directory if not already present
sudo mkdir sharesudo mkdir share/certsudo mkdir share/cert/live
- On the host VM run the following command :
cd share/cert/livesudo openssl req -new -newkey rsa:2048 -sha256 -nodes -keyout briccs.xuhl-tr.nhs.uk.key -out briccs.xuhl-tr.nhs.uk.csr
Ensure that the prefix for the .key and .csr is you domain name.
This command requires the following user input :
Generating a 2048 bit RSA private key
........+++
.................................+++
writing new private key to 'uhlbriccsext01.xuhl-tr.nhs.uk.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:UK
State or Province Name (full name) [Some-State]:Leicestershire
Locality Name (eg, city) []:Leicester
Organization Name (eg, company) [Internet Widgits Pty Ltd]:University Hospitals of Leicester NHS Trust
Organizational Unit Name (eg, section) []:Cardiovascular
Common Name (e.g. server FQDN or YOUR name) []:uhlbriccsext01.xuhl-tr.nhs.uk
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: Pa55word
An optional company name []:
This command generates a .key and .csr
- The csr has to be self signed by UHL certificate authority. To do this you have to send the text of the csr
send text of csr to Robert.Hallett@…
ask him to create a base46 cer which is in text format and not binary
add the file to this directory /share/cert/live/
