Sign a Certificate Signing Request
» Table of Contents |  | | » Index | | |
| | |
| ||
| ||
Signing someone else's certificate signing request is the function of a certificate authority. When you send a signed certificate back, it can be used to start the server with the passphrase they have. Embedded in the certificate is your public key. It must match the public key you distribute to clients using your server.
To sign a certificate signing request, perform the following steps. The certificate is signed after you respond to the last question.
Enter the required information to sign a certificate.
NOTE: The inception time of a certificate is based on UTC (Coordinated Universal Time). Verify with your system administrator that your computer's UTC is set correctly. CA Certificate File specification
Use OpenVMS syntax (defaults to SSL$CRT:SERVER_CA.CRT).
CA Certificate Key File specification
Use OpenVMS syntax (defaults to SSL$KEY:SERVER_CA.KEY).
Certificate Request File
Use OpenVMS syntax (defaults to SSL$CRT:SERVER.CSR).
Signed Request File specification
Use OpenVMS syntax (defaults to SSL$CRT:SIGNED.CRT).
Default Days
The default number of days until the signed certificate expires.
PEM Passphrase
This is a verification field only. You must use the same passphrase you used to create the certificate authority (option 5).
View the details of the signed certificate (if you chose to display the certificate):
Version (SSL 3.0 protocol)
Serial number (Certificates issued by a CA have a serial number that is unique to the certificates issued by that CA.)
Signature algorithm
Issuer (your distinguished name)
Validity (inception and expiration dates)
Public key information