Help & Support
SHOULD YOU NEED ANY ASSISTANCE?
Kindly contact us
Generate CSR in Apache Tomcat using Keytool
During the online enrollment process you will be required to provide Entrust Certificate Services with a Certificate Signing Request (CSR).
This encrypted data is generated from your server, and contains information about your company and Web server.
Part 1 – Create a Certificate Keystore
keytool -genkey -alias
Important:
- Always specify your keystore location when it is being created.
- If you are renewing your certificate, you must create a new key pair and keystore.
- Please use the same alias when creating your CSR and installing your certificate that you use to create your self-signed keystore.
As an example:
[root@digicert root]# keytool -genkey -alias myalias -keysize 2048 -keyalg RSA -keystore c:\.mykeystore.jks Enter keystore password: password What is your first and last name? [Unknown]: www.testcertificates.com What is the name of your organizational unit? [Unknown]: Entrust CS What is the name of your organization? [Unknown]: Entrust What is the name of your City or Locality? [Unknown]: Ottawa What is the name of your State or Province? [Unknown]: Ontario What is the two-letter country code for this unit? [Unknown]: CA Is CN=www.testcertificates.com, OU=Entrust CS, O=Entrust, L=Ottawa, ST=Ontario, C=CA correct? [no]: yes Enter key password for (RETURN if same as keystore password):
Ensure that you take note of the password that is entered and use it when generating the CSR in Part 2.
Part 2 – Generating the Certificate Signing Request
keytool -certreq -keyalg RSA -alias
Important:
Please use the same alias when creating your CSR and installing your certificate that you use to create your self-signed keystore.
As an example:
[root@digicert root]# keytool -certreq -keyalg RSA -alias myalias -file certreq.txt -keystore c:\.mykeystore Enter keystore password:
Paste this CSR into text file. The CSR should look similar to this:
-----BEGIN NEW CERTIFICATE REQUEST----- MIIBujCCASMCAQAwejELMAkGA1UEBhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xDzANBgNVBAcTBk90 dGF3YTEQMA4GA1UEChMHRW50cnVzdDETMBEGA1UECxMKRW50cnVzdCBDUzEhMB8GA1UEAxMYd3d3 . . . 5w6T+q/f+wIDAQABoAAwDQYJKoZIhvcNAQEEBQADgYEAF+0hqAqXumz/vGrzGVhKHlnxd7HW3ezS GIbIUcOy1YdDc/1ZCqRpu3utYIZ6welK++l+QjlbL6p5RJJETkkLKXjb/WVFajNuPl7Yob9pbwA7 JBrCCKbFj+kzDNbGhCR1RgFA9vQj5vob41Vj+k+TQchliuTLL9rFXNDHrtgTMtA= -----END NEW CERTIFICATE REQUEST-----