Articles in Root

How do I generate a CSR on Blue Coat SG?

Problem

How do I generate a CSR on Blue Coat ProxySG?

Solution

If you do not have a keyring created, steps 1-5 will guide you through the process of creating a keyring.  If you want to use an existing keyring, please skip to step 6:

  1. Open the Blue Coat Management interface on the ProxySG.
  2. Click on the Configuration tab. On the side options, select SSL and then click on Keyrings.
  3. In the SSL Keyrings frame, click on the Create button.
  4. In the new Create Keyring window, select an easy name for your Keyring and enter in the bit length.
    Note: For 1 year or 2 year business SSL, the bit length entered can be 1024.  If you are creating a 3 year business SSL certificate or either a 1 year or 2 year EV SSL certificate, the key length entered must be greater than 2048.

  5. When finished, click on OK.
    This will create the public/private key for this new keyring.  Now, a certificate needs to be created or imported for this keyring.  The steps below discuss how to get a CSR that can be submitted to QuoVadis.

  6. Go into the SSL Certificates tab in the frame and select a Keyring from the drop down.  This can be either an existing one or one that you just created.
  7. Click on Create underneath Certificate Signing Request in order to create a CSR.
  8. The Create Certificate Signing Request window will appear that has a bunch of fields that need to be entered.  Please refer to the following guide on what information should be entered:
    State/Province: Spell out the state completely; do not abbreviate the parish, state or province name, for example: Pembroke or Connecticut.

    Country Code: Use the two-letter code without punctuation for the country, for example: BM or UK or CH.

    City/Locality: The locality field is the city or town name, for example: Hamilton or Stamford.

    Organization: This is the exact legal name of the company as it is registered.

    Unit: This field is the name of the department or other group making the request within the organization.

    Common Name: This is also referred to as the FQDN (Fully Qualified Domain Name).  This is the Host plus the Domain Name.  It looks like "secure.example.com" or "example.com".

    Challenge: This is a password that will be set.

    E-mail Address: This is the email address that will show up in the certificate.

    Company: This should be the same as the Organization.

  9. After you have done that, click on the OK button.
  10. You will see some text say, "-----BEGIN CERTIFICATE REQUEST-----", followed by many characters and then, "-----END CERTIFICATE REQUEST-----" all within a box.  Highlight all of the text and copy it to your clipboard.  You can do this by pressing Ctrl and the C key on your keyboard.
  11. Submit the CSR to QuoVadis.