Create and Submit a Certificate Signing Request
This procedure uses the Java keytool utility to create a Certificate Signing Request (CSR) from an existing keystore.
Before you begin
To create and submit a Certificate Signing Request
- Use the -certreq option to generate a certificate request. This generates a Certificate Signing Request, using the PKCS#10 format. For example:
keytool -v -certreq -alias filexpress -keystore newkeystore.jks -file cert_request.csr -ext ExtendedkeyUsage=serverAuth -storetype JCEKS
- Enter your keystore password when prompted.
- You will see a message saying that the certificate request has been saved to the file you specified (cert_request.csr in this example).
- Submit this CSR to your CA. You will need the contents of the CSR file. Open the file in a text editor. The contents should include a header and footer with encoded data between them. When you submit the request, copy the entire file, including the BEGIN and END lines.
-----BEGIN CERTIFICATE REQUEST-----
<encoded data>
-----END CERTIFICATE REQUEST-----
|