Creating a server certificate and CSR (Certificate Signing Request)
This procedure creates a server certificate and its CSR. These are the first steps in getting the server certificate signed.
Prerequisites: You are working in
- Open the Certificate Management view for your localhost or a controller by right-clicking . If required to connect to the platform, enter the platform credentials, and click OK.The view opens with the focus on the User Key Store.
- Confirm that you are viewing the correct Certificate Management stores.
- Click New.A blank Generate Self Signed Certificate window opens.
- Fill in the form with information for the current platform/station and click OK.
Aliasidentifies the type of certificate and purpose in words. TheCommon Nameshould be the IP address or domain name of the platform/station.Organizationis the name of the company. DefineLocality,State/Province, and two-digitCountry Code. LeaveCertificate Usageset at the default (Server), and provide anEmail Aeddress. The rest of the properties can remain at their default values.After a bit, the system creates a self-signed server certificate, which appears in the User Key Store table with a yellow shield. - Select the new server certificate and click Cert Request.The Certificate Request Info window opens for the server certificate.
- Confirm that the Issued By and Subject fields contain the expected IP address (or domain name) and click OK.The Choose Export Directory window opens.
- Navigate to the
serverCSRsfolder you created (), and click Save.You now have a self-signed server certificate in the platform/station User Trust Store and a certificate signing request for that certificate in thecertManagement\serverCSRsfolder. - If you are using an external CA, email the certificate request to the external CA, and wait for it to returned signed.