UK Sales: 0800 035 6364 | sales@2020media.com | We'll Call You

Obtain a CSR to request a SSL certificate

Before You Start

Before you can begin the process of obtaining a Certificate, you must generate a Private Key and CSR pair off the web server. A CSR is basically a Public Key that you generate on your server that validates the computer-specific information about your web server and Organization when you request a Certificate from thawte. Digital ID's make use of a technology called Public Key Cryptography, which uses Public and Private Key files.

The Public Key, also known as a Certificate Signing Request (CSR), is the key that will be sent to thawte. The Private Key will remain on the server and should never be released into the public. The certificate authority does not have access to your Private Key. It is generated locally on your server and is never transmitted to third parties. The integrity of your Digital ID depends on your private key being controlled exclusively by you.

A CSR cannot be generated without generating a Private Key file nor can the Private Key file be generated without generating a CSR file. In certain web server software platforms like Microsoft IIS, both are generated simultaneously through the Wizard on the web server. Typically, you will be prompted to enter the following information about your Organization in order to generate the Private Key and CSR pair off the web server:

  • * Organization Name (e.g. My Company)
  • * Organizational unit (e.g. My Department)
  • * Country Code (e.g. GB)
  • * State or Province (e.g. Scotland)
  • * Locality (e.g. Glasgow
  • * Common Name (e.g. www.domain.com)

Important Note: Before you can begin the process of obtaining a Certificate, you must generate a Private Key and CSR pair off the web server here. The term "common name" is X.509 speak for the name that distinguishes the Certificate best, and ties it to your Organization. In the case of SSL Web Server Certificates, enter your exact host and domain name that you wish to secure. This may also be the root server or intranet name for your Organization.

Note: In the interest of better security and the enablement of greater trust, most SSL authorities have decided that 1024-bit keys will now be the minimum suggested strength to be used in the issuance of digital certificates. This applies to Thawte, Verisign and Geotrust.

Example: If you wish to secure www.mydomain.com, then you will need to enter the exact host (www) and domain name in this field. If you enter mydomain.com then the Certificate issued to you will only work error free on that exact domain name. It will cause an error when you or your users access the domain name as www.mydomain.com.

The term "common name" is X.509 speak for the name that distinguishes the Certificate best, and ties it to your Organization. In the case of SSL Web Server Certificates, enter your exact host and domain name that you wish to secure. This may also be the root server or intranet name for your Organization.

Note about Certificate Renewals: Usually, before you can renew a Certificate, a new Key/CSR pair will have to be generated off the server, the Key must then be backed up and then the newly created CSR has to be submitted through the renewal process. However it perfectly possible to use the exiting original CSR. Some SSL authorities, such as Thawte, do not even require that you resubmit the CSR. It will use your old CSR for your renewal Certificate as originally submitted. This means that the renewal Certificate, once issued, will only work on the Private Key file that was originally used to create the CSR.

Instructions for Thawte certificates

A
Apache-SSL and Apache ModSSL
Apache on Mac OS X Server
B
BEA web logic 
C
Citrix Secure Gateway 1.0
Citrix Secure Gateway 1.1
CNT Web Integrator
Cobalt Raq
Covalent server products

I
IBM ICSS
IBM HTTP
Infinite InterChange
Infinite WebMail
Innosoft PMDF-TLS
iPlanet 4.x
iPlanet 6.x
IFactory Commerce Builder

J
Java Web Server
Jetty Java HTTP Servlet Web Server

L
Lotus Domino Go
Lotus Notes Domino

M
Marimba
Microsoft IIS 4
Microsoft IIS 5
Microsoft IIS 6
Microsoft IIS 7

N
Netscape Commerce
Netscape Enterprise 3.x

O
Oracle Wallet Manager
Oracle Web Server (OAS 4.0.8)
Orion Web Server
O'Reilly Website Professional

P
Plesk 8
PowerWeb Servers

Q
Qpopper
Quid Pro Quo Secure

R
Raven SSL
Raven SSL CTL Interface
RedHat Linux
Roxen

S
Sambar
Silverstream
Stronghold
SSLeay-based Servers
SyBase EAServer

T
Tenon WebTen
Tomcat

W
WebSite Professional 2.x
4D WebSTAR Server Suite/SSL
WSFTP FTP application

Z
Zeus

2020Media is a leading provider of small business Wi-Fi hotspots. If you want to offer free Wi-Fi to your customers or users, our service could be exactly what you are looking for. Our Hotspots are managed in the cloud, ultra-reliable and give you loads of information about behaviour patterns of your users. Read More   Read more...
2020Media introduces Moodle Hosting - UK servers and UK Moodle experts setup your site ready to use. Read more...
Special Offer for Longer Registration Periods Register or renew a .com, .net or .org domain name for 5 years we'll include 1 year free*. Read more...
2020Media is now offering zero-click installation of the popular TYPO3 content management system. Read more...

Our blog is regularly updated with news, tips and industry opinion.

Clients

  • AggieWestons
  • baker-and-mckenzie
  • arts-council-england
  • Big Finish
  • barratt-developments-logo
  • City-of-Lincoln-council-logo
  • brora-logo
  • DenisMacShane
  • Construction-Industry-Council
  • colchester