Ask a Question

Alert ID : INFO877

Last Modified : 05/21/2018

Certificate Signing Request (CSR) Generation Instructions - BEA Weblogic 8.1

Description

To generate a Certificate Signing Request (CSR), you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match and a replacement has to be made.
 
BEA Weblogic 8.1 utilizes the java keytool command line utility to create the CSR and install the SSL certificate. GeoTrust recommends that you contact the BEA directly for additional information.
 
Step 1: Generate a Keystore and Private Key
NOTE: A key length of 1024 bit is the default, but GeoTrust recommends the use of a 2048 bit key.
  1. Create a certificate keystore and private key by executing the following keytool command:
    Note: The keytool utility is located in your JDK’s “bin” directory
    Note: For Extended Validation certificates or a certificate with a validity period beyond December 31, 2013 the key bit length must be 2048, add in the below command:  -keysize 2048

     
    keytool -genkey -alias <your_alias_name> -keyalg RSA -keystore <your_keystore_filename>

  2. Specify a password. The default value will be "changeit".
For more information, view the interactive BEA Setup & Installation instructions

 

Step 2: Generate a CSR
  1. The CSR is then created using the following command:
     
    keytool -certreq -keyalg RSA -alias <your_alias_name> -file certreq.csr -keystore <your_keystore_filename>
    Note: When generating a CSR, enter the domain of your website (i.e. www.geotrust.com) in the "first- and lastname" field.
     
  2. To copy and paste the file certreq.csr into the enrollment form, open the file in a text editor that does not add extra characters (Notepad or Vi are recommended).
  3. Verify your installation with the GeoTrust Installation Checker