On Fri, May 13, 2011 at 7:14 PM, Manokaran K <[email protected]> wrote:
> If your intention is only to use SSL certificates to login to your server, > it is not necessary to apply for certificates from CAs. You can generate > your own public - pvt key pair in your own pc and copy the public key to > your server. > > No, actually it's for my client. My client is already a valued customers of Verisign! :) So, I must have to get certificate from verisign and must have to implement this in server. So, here are the steps I am following: 1. Generate private key 2. Generate CSR 3. Apply to Verisign with this CSR 4. Get certificate from them 5. Concate CRT+Private Key 6. Re-encode into PKCS12 7. Create JKS 8. Install JKS but then again, I am confused about one things: (1) Is it really necessary to "generate private key" from their server? I mean, ssh into my client's server, run openssl command like from their server : openssl genrsa -des3 -out server_self.key 2048 Will it create any problem if I generate private key and csr from my home machine? And, after that applying for certificate into Verisign with that CSR? -- Best, Zico _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
