CSR Generation Instruction - Resin

An Important Note Before You Start

By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.

The utility "keytool" that you use to generate the private key (keyEntry) and CSR comes with the Sun JDK toolkit. If you do not have JDK installed please download it from the following link: http://java.sun.com/J2SE/downloads.html,We recommend that the latest version be used, which is 1.5.0.

1. INSTALL JSSE

Go to SUN Java JSSE website: http://java.sun.com/products/jsse/, download and install, then copy jsse.jar、jcert.jar、

jnet.jar to $JAVA_HOME/jre/lib/ext

2. ADD THE SSL SECURITY PROVIDER

Modify $JAVA_HOME/jre/lib/security/java.security:

security.provider.2=com.sun.net.ssl.internal.ssl.Provider

3. GENERATE THE CSR

cd /usr/local/resin/

mkdir keys

cd keys

keytool -genkey -keyalg "RSA" -keystore server.keystore

keytool -certreq -keystore server.keystore > csr.txt

4. SUBMIT THE CSR TO WoSign

To submit the CSR to WoSign for processing you should start the certificate enrollment process.

5. Backup your private key

Please backup your keystore file and make a note of the password. A good choice is to create a copy of this file onto a diskette or other removeable media.