ipsCA - SSL Server Certificates, IPS Certification Authority, s.l.
SSL Server Support S/MIME Personal Support Downloads Support User Guides

 CSR Support

 

C2Net Stronghold

Creating a Certificate Signing Request

  1. Enter the Stronghold Configuration Manager.
  1. Select New Key Generation to create a new key file.
  1. Enter key size (either 512 or 1024 bits) and follow instructions for generating the random data. 1024 bits is the recommended key size.

**** Note: The encryption key size (512 bit, 1024 bit) has nothing to do with the actual session key (128 bit, 40 bit)

  1. When creating a CSR you must follow these conventions.

Enter the Distinguished Name Field information.

he following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?. &  

Contact ipsCA
For more Information:
Email:

Phone:
+34 91 6402052
 

Distinguished Name Field

Explanation

Example

Country Name

The two-letter ISO abbreviation for your country

US = United States

State or Province Name

The state or province where your organization is located. Can not be abbreviated.

Georgia

City or Locality

The city where your organization is located.

Atlanta

Organization Name

The exact legal name of your organization. Do not abbreviate

IPS S.L.

Organizational Unit

Optional for additional organization information

Marketing

Common Name (Server Host Name)

The fully qualified domain name for your web server. You will get a certificate name check warning if this is not an exact match.

If you intend to secure the URL https://secure.yourURL.com, then your CSR's Server Hostname must be secure.yourURL.com

Server Admin.'s email address

Your email address

abc@yourURL.com

 

  1. The key pair will be generated and saved in the file:

strongholdserverroot/private/hostname.key.  

example: /usr/local/stronghold/private/www.something.com.key

  1. Edit this file to extract the CSR data to send to IPSCA. This is the text

beginning with "-----BEGIN NEW CERTIFICATE REQUEST-----"

up to and including the text "-----END NEW CERTIFICATE REQUEST-----".

  1. Submit your CSR to IPSCA.

Note: See also C2Net's documentation on key generation and installation instructions for both STRONGHOLD 2.3 and STRONGHOLD 2.4.x .  

 


 CSR Instalation

 

Installing a Certificate for C2 Net Stronghold Server 2.4.2

The certificate that you will receive from IPSCA will contain two parts - a server part,and a CA part. These will be clearly marked in the certificate that you will receive.

Installing the Server Certificate

Installing the Intermediate CA Certificate

Browser versions

Installing the Server Certificate

Please make sure you are using Stronghold 2.4.2. If you are using an
earlier release of Stronghold, please install 2.4.2 before installing your
Global Server Certificate. Please contact support for more information.
 
There are 8 steps involved in installing your certificate successfully. Please
print out these instructions and follow them carefully. Then, you
can start enjoying the benefits of 128 bit secure, authenticated
communication with your customers.

PLEASE NOTE: There are TWO certificates :
 
1)The Intermediate CA Certificate, and
2)The Server Subscriber Certificate for your company
 
YOU WILL NEED TO INSTALL BOTH CERTIFICATES for your server to properly
initiate 128 bit sessions with browsers.
 
TO INSTALL THE SERVER SUBSCRIBER CERTIFICATE:
 
(1)  Run the command "getca servername" where "servername" is the same name
you used when you generated the key or certificate request, using "genkey
servername" or "genreq servername"
 
(2)  Return to the email and copy the certificate marked
        as the SERVER CERT including the two lines labeled "-----BEGIN
        CERTIFICATE-----" and "-----END CERTIFICATE-----" onto the
        clipboard.

(3)  Paste the clipboard into the terminal window where you've run "getca"
 
(4)  Enter Control-D or the appropriate EOF character for your terminal

 
  return to the top

Installing the Intermediate CA Certificate

(5) Add a directive to your configuration file
 
 SSLCACertificateFile certs/ipsca.cert
 
 (6) Download the intermediate Certificate from here then copy the certificate including the two lines labeled
 
        "-----BEGIN CERTIFICATE-----"

                and
 
        "-----END CERTIFICATE-----"

        onto the clipboard.
 
 (7) Paste the clipboard into the file ssl/certs/ipsca.cert located
     in your ServerRoot directory

 (8) Make Sure Your Customers are using recent versions of
     the browsers.
 
    

  return to the top

Browser Versions

Make Sure Your Customers are Using the Proper Versions of the browsers. As noted before you enrolled for the Server Certificate, these certificates do not work with the older versions of Microsoft and Netscape Browsers.

 

 return to the top



© 1996 - 2003 ipsCA, IPS Certification Authority, S.L. all Rights reserved.
Our CPS summarized or complete, CRLs, Root Certificates and legal documents
  can be found in our repository
Read our  Privacy Policy and Terms of Use