- Contact Us:
For a Certificate Authority to issue you a certificate you must provide them with the information that you believe belongs in that certificate request. The most important piece of information being the public key that your server will use to identify itself. The Certificate Request (sometimes called a CSR or PKCS10) is how you provide that public key and prove you have the corresponding private key. To help identify which server a certificate request is for it can also include additional information such as the fully qualified host name of the server or the name of the legal entity who possesses the associated private key.
Each application stores its certificates and private keys in different ways, meaning that you often need to use a different tool to generate the certificate request for each application. Although it is not normally required, the easiest way to do this is to generate the certificate request on the server you will use the certificate on. This page helps you to generate the appropriate command line for each of your applications. Simply fill out the required fields above and it will provide you with example command lines for common applications. If your application is not listed, check the help documentation from your Certificate Authority or the application documentation for guidance on how to generate the certificate signing request.
The larger the private key the stronger it is, unfortunately the larger it is the slower the cryptographic operations with that key will be. Though techniques for cryptanalysis are often improving at this time, the general consensus is that RSA keys with a key length of 2048 are sufficiently strong.
There are a few things you need to keep in mind when thinking about the security of your private key:
Your will automatically move to the next section if nothing happens pleaseclick here