Effective 1 January 2011, we will no longer support any Certificate Signing Request [CSR] generated with a 1024 bit key. This is because NIST, PKIX, WebTrust and other respective security standards no longer consider the 1024 bit key size as secure. Read more > [1]
To access the Domain certificates repository page, click the Certificates icon at the Domain administration page. The certificates repository page will open displaying the list of available certificates:
The four icons, preceding the certificate name in the list, indicate the present parts of a certificate. The icon displayed in the R column indicates that the Certificate Signing request part is present in the certificate, the icon in the K column indicates that the private key is contained within the certificate, the icon in the C column indicates that the SSL certificate text part is present and the icon in the A column indicates that CA [2] certificate part is present. The number in the Used column indicates the number of IP addresses the certificate is assigned to.
To add a certificate to the
repository, click the Add Certificate icon at the Domain certificate repository page. The SSL certificate creation page will open. On this page you can generate a self-signed certificate, certificate-signing request, purchase a SSL certificate, and add the certificate parts to an existing certificate.
NOTE: When acquiring or generating new certificates, make sure that the values you enter into the fields 'domain name', 'email address', 'state or province', 'location', 'organization name', and 'department name' do not exceed the limit of 64 symbols.
To generate a certificate signing request (CSR) follow these steps:
2. The Bits selection allows you to choose the level of encryption of your SSL certificate. Select the appropriate number from the drop-down list.
3. Select a country from the drop-down list.
4. Specify the state or province, location (city).
5. Enter the appropriate organization name and department/division in the field provided.
6. Enter the Domain Name for which you wish to generate the certificate signing request.
7. Specify the E-mail address.
8. Click the Request button. A certificate-signing request will be generated and added to the repository. You will be able to add the other certificate parts later on.
A situation may occur in some cases, that you have a certificate in the repository, which has only the private key part and the other parts are missing due to some reasons. To generate a new Certificate Signing Request using the existing private key, follow these steps:
2. Click Request.
Links:
[1] http://www2.digi-sign.com/about/announcements/2048
[2] http://www2.digi-sign.com/certificate+authority