----- Original Message ----- From: "Eiji Hamano (bluequartz)" <[email protected]> To: "BlueOnyx General Mailing List" <[email protected]> Sent: Saturday, January 22, 2011 12:35 AM Subject: [BlueOnyx:06366] Re: [bluequartz] Re: 2048 bit CSR?
> Hi Ken > > I am still unclear in the problem 2048 bit CSR. > >>> then I copy in the >>> cerfiticate, key, and request to the certs directory > > But "openssl req -new" makes key, and request, not cerfiticate file. > Was the cerfiticate file created from the GUI ? > > If so, I did it. But error on certificate 2 from the GUI fiest. > The error msg was ; > > ## The imported certificate does not contain the private key for this > certificate, > ## and the private key currently on the server does not match this > certificate. > ## If importing a certificate not created on this server, > ## the RSA private key must be included in the imported certificate file. > > Would you advice me again ? > > Eiji > > > >>> Ken wote ; >>> >> cd /etc/admserv >> openssl req -new -newkey rsa:2048 -keyout key -nodes -out request >> Generating a 2048 bit RSA private key >> ..........................................+++ >> ..............+++ >> writing new private key to 'key' >> ----- >> You are about to be asked to enter information that will be incorporated >> into your certificate request. >> What you are about to enter is what is called a Distinguished Name or a >> DN. >> There are quite a few fields but you can leave some blank >> For some fields there will be a default value, >> If you enter '.', the field will be left blank. >> ----- >> Country Name (2 letter code) [GB]:US >> State or Province Name (full name) [Berkshire]:California >> Locality Name (eg, city) [Newbury]:Valley Center >> Organization Name (eg, company) [My Company Ltd]:Precision Web Hosting, >> Inc. >> Organizational Unit Name (eg, section) []:WebDev >> Common Name (eg, your name or your server's hostname) >> []:www.yourdomain.com >> Email Address []:[email protected] >> Please enter the following 'extra' attributes >> to be sent with your certificate request >> A challenge password []: >> An optional company name []: >> ? >> ? >> cat request >> >> The "request" is the CSR. After you get the certificate then I copy in >> the >> cerfiticate, key, and request to the certs directory. Then from the GUI, >> import the certificate 2, certificate 1, then root cert in that order. > Eiji After I get the cert, I just paste it into the certificate file using nano -w certificate Then paste. ---- Ken M Precision Web Hosting, Inc. http://www.precisionweb.net _______________________________________________ Blueonyx mailing list [email protected] http://www.blueonyx.it/mailman/listinfo/blueonyx
