Effective 1 January 2011, we will no longer support any Certificate Signing Request [CSR] generated with a 1024 bit key. This is because NIST, PKIX, WebTrust and other respective security standards no longer consider the 1024 bit key size as secure. Read more > [1]
To generate a certificate signing request (CSR) follow these steps:
2. Specify the certificate name.
3. The Bits selection allows you to choose the level of encryption of your SSL certificate. Select the appropriate number from the drop-down list.
4. Select a country from the drop-down list
5. Specify the state or province, location (city).
6. Enter the appropriate organization name and department/division in the field provided.
7. Enter the Domain Name for which you wish to generate the certificate-signing request.
8. Click the REQUEST button. A certificate-signing request will be generated and added to the repository. You will be able to add the other certificate parts later on.
NOTE: Do not lose your RSA Private Key, you will need this later.
Generating a CSR using an existing private key
In some cases you have a certificate in the repository, which has only the private key part and the other parts are missing due to some reasons. To generate a new Certificate Signing Request using the existing private key, follow these steps:
2. Click REQUEST.
Links:
[1] http://www2.digi-sign.com/about/announcements/2048