Generate a CSR for C2Net Stronghold

How to generate a CSR for C2Net Stronghold Server.

Related Content

Want to keep learning?

Subscribe to SSL.com’s newsletter, stay informed and secure.

Copy article link

Stronghold keys and certificates are managed through three scripts: genkey, getca, and genreq. These are part of the normal Stronghold distribution. Keys and certificates are stored in the directory $SSLTOP/private/, where SSLTOP is typically /usr/local/ssl.

To generate a key pair and CSR for your server:

  1. Run genkey, specifying the name of the host or virtual host: genkey hostname. The genkey script displays the filenames and locations of the key file and CSR file it will generate:
    • Key file: /usr/local/www/sslhostname.key
    • CSR file: /usr/local/www/sslhostname.cert
    Note: If you already have a key for your server, run genreq [servername] to generate only the CSR.
  2. Press Enter. The genkey script reminds you to be sure you are not overwriting an existing key pair and certificate.
  3. When prompted, enter a key size.It is recommended that you use the largest key size available.
  4. When prompted, enter random key strokes. Stop when the counter reaches zero and genkey beeps. This random data is used to create a unique public and private key pair.
  5. When prompted, enter Y to create the key pair and CSR.
  6. For your CA, select Other.
  7. Enter the two-letter country code for your country. You must use the correct ISO country code, other abbreviations will not be recognized. Please refer to our list of country codes to find yours.
  8. Enter the full name of your state or territory. Please do not abbreviate.
  9. Enter the name of your city, town, or other locality.
  10. Enter the name of your organization. This is the full legal name of the organization applying for the server certificate.
  11. Enter the name of your unit within the specified organization. This is usually the group/department the certificate is for.
  12. Enter your web site’s fully-qualified domain name. (For example, www.mydomain.com.) This is known as your site’s Common Name.
  13. The CSR created will look something like this: 
    -----BEGIN NEW CERTIFICATE REQUEST-----
MIIByDCCATECAQAwgYgxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaX
----------------More text--------------------
U20CbzA7Ur0YBqrnQdD2PnTv/XpHtAAr+M4oez==
-----END NEW CERTIFICATE REQUEST-----
  14. At this point you should back up your key file and CSR to a secure location. If you lose your private key or forget the password, you will not be able to install your certificate.

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read our Cookie and privacy statement.

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Show details
Powered by  GDPR Cookie Compliance