Hi Ken I am still unclear in the problem 2048 bit CSR.
>> then I copy in the >> cerfiticate, key, and request to the certs directory But "openssl req -new" makes key, and request, not cerfiticate file. Was the cerfiticate file created from the GUI ? If so, I did it. But error on certificate 2 from the GUI fiest. The error msg was ; ## The imported certificate does not contain the private key for this certificate, ## and the private key currently on the server does not match this certificate. ## If importing a certificate not created on this server, ## the RSA private key must be included in the imported certificate file. Would you advice me again ? Eiji >> Ken wote ; >> > cd /etc/admserv > openssl req -new -newkey rsa:2048 -keyout key -nodes -out request > Generating a 2048 bit RSA private key > ..........................................+++ > ..............+++ > writing new private key to 'key' > ----- > You are about to be asked to enter information that will be incorporated > into your certificate request. > What you are about to enter is what is called a Distinguished Name or a > DN. > There are quite a few fields but you can leave some blank > For some fields there will be a default value, > If you enter '.', the field will be left blank. > ----- > Country Name (2 letter code) [GB]:US > State or Province Name (full name) [Berkshire]:California > Locality Name (eg, city) [Newbury]:Valley Center > Organization Name (eg, company) [My Company Ltd]:Precision Web Hosting, > Inc. > Organizational Unit Name (eg, section) []:WebDev > Common Name (eg, your name or your server's hostname) > []:www.yourdomain.com > Email Address []:[email protected] > Please enter the following 'extra' attributes > to be sent with your certificate request > A challenge password []: > An optional company name []: > ? > ? > cat request > > The "request" is the CSR. After you get the certificate then I copy in the > cerfiticate, key, and request to the certs directory. Then from the GUI, > import the certificate 2, certificate 1, then root cert in that order. _______________________________________________ Blueonyx mailing list [email protected] http://www.blueonyx.it/mailman/listinfo/blueonyx
