Solution
If you do not have a keyring created, steps 1-5 will guide you through the process of creating a keyring. If you want to use an existing keyring, please skip to step 6:
- Open the Blue Coat Management interface on the ProxySG.
- Click on the Configuration tab. On the side options, select SSL and then click on Keyrings.
- In the SSL Keyrings frame, click on the Create button.
- In the new Create Keyring window, select an easy name for your Keyring and enter in the bit length.
Note: For 1 year or 2 year business SSL, the bit length entered can be 1024. If you are creating a 3 year business SSL certificate or either a 1 year or 2 year EV SSL certificate, the key length entered must be greater than 2048.
- When finished, click on OK.
This will create the public/private key for this new keyring. Now, a certificate needs to be created or imported for this keyring. The steps below discuss how to get a CSR that can be submitted to QuoVadis.
- Go into the SSL Certificates tab in the frame and select a Keyring from the drop down. This can be either an existing one or one that you just created.
- Click on Create underneath Certificate Signing Request in order to create a CSR.
- The Create Certificate Signing Request window will appear that has a bunch of fields that need to be entered. Please refer to the following guide on what information should be entered:
State/Province: Spell out the state completely; do not abbreviate the parish, state or province name, for example: Pembroke or Connecticut.
Country Code: Use the two-letter code without punctuation for the country, for example: BM or UK or CH.
City/Locality: The locality field is the city or town name, for example: Hamilton or Stamford.
Organization: This is the exact legal name of the company as it is registered.
Unit: This field is the name of the department or other group making the request within the organization.
Common Name: This is also referred to as the FQDN (Fully Qualified Domain Name). This is the Host plus the Domain Name. It looks like "secure.example.com" or "example.com".
Challenge: This is a password that will be set.
E-mail Address: This is the email address that will show up in the certificate.
Company: This should be the same as the Organization.
- After you have done that, click on the OK button.
- You will see some text say, "-----BEGIN CERTIFICATE REQUEST-----", followed by many characters and then, "-----END CERTIFICATE REQUEST-----" all within a box. Highlight all of the text and copy it to your clipboard. You can do this by pressing Ctrl and the C key on your keyboard.
- Submit the CSR to QuoVadis.