WoSign技术支持：IBM ICSS Web服务器SSL证书的证书请求文件(CSR)生成指南

English

	首接负责制，让您放心选购和使用各种数字证书产品！
	在线帮助、MSN、QQ、Email 和免费服务热线为您提供最优质的售前售后服务!

可信网站认证服务与产品

超真SSL

超真SSL-EV

可信软件开发商认证产品

微软代码签名证书

Adobe AIR 签名证书

火狐插件签名证书

Java等代码签名证书

PKI(CA)托管产品

超管CA-企业版

USB Key 加密盘

各类产品分网站

互联网 • 更多 • 安全

可信数字身份认证服务

SGC超真SSL证书

超真SSL证书

超快SSL证书

EV SSL证书

客户端证书

首页

技术支持

SSL证书请求文件(CSR)生成指南 - IBM ICSS

重要注意事项 An Important Note Before You Start

在生成CSR文件时同时生成您的私钥，如果您丢了私钥或忘了私钥密码，则颁发证书给您后不能安装成功！您必须重新生成私钥和CSR文件，免费重新颁发新的证书。为了避免此情况的发生，请在生成CSR后一定要备份私钥文件和记住私钥密码，最好是在收到证书之前不要再动服务器。
By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.

To generate a CSR for IBM ICSS follow the instructions below:

If WoTrust root is not in IBM ICSS version 4.2.1, you need to install our root certificate before proceeding with your request. The root certificate contains the key that is used to verify the signatures on the certificates we issue. It is the same root that is embedded in Navigator and MSIE.

Step 1: Embed our Root Certificate

Download the WoTrust root file in a Text file from the following link : WoTrust Root

Save it on your server hard drive.
Go to the Administration interface of your web server.
Underneath the "Security" configuration section of your server you will see a link called "Receive Certificate".
You will need to specify your current keyring file and pass phrase, and ask it to install the root certificate that you saved on your hard drive.

Step 2: Mark Thawte Root as a trusted Root

Under "Security" again you will see a link called "Key Management".
You will need to specify the key ring password.
Select "Designate Trusted Root Keys".
The Thawte root will be listed in X.400 format.
Select it, then press Apply.
The Thawte root is now a trusted CA for your server.

Step 3: Generate your own key and CSR

Go to the "Create Keys" link on the Admin page under "Security".
Choose "Other" as your CA.
On the next page, DO NOT GIVE A POSTAL CODE.
Specify your country as the two-letter code in UPPER CASE.
Give your full state name if you are in the USA.
Don't mail the certificate request to the CA, you are going to save it to a file instead.
Make a note where you saved it (the default is C:\WWW\Bin\CertReq.txt).
That file is what you paste into our forms - it is your CSR.

测试CSR和把CSR发给WoSign, Start the certificate request process

生成CSR后，建议您自己测试一下生成的CSR文件是否正确，请点击这里测试您的CSR文件。请把测试成功的CSR文件发给WoSign即可。请一定不要再动您的服务器，等待证书的颁发。
To submit the CSR to WoSign for processing you should start the certificate enrollment process.