User's Manual Part 2
December 20, 2004 SCP-LPS20x-011-012-01H
ADC Telecommunications, Inc. 145
At this stage, two files have been created in C:\certificates:
• www.company.com.key: This file contains the private key for the server.
• www.company.com.req: This file contains the certificate request.
Next, send the certificate request to a Trusted Certificate Authority to obtain a public key certificate from the CA. The
certificate file will be protected by the password you specified.
BECOMING A PRIVATE CA
This procedure enables you to sign your web server certificates using your own private key. Users who trust you will
be able to trust the certificates you have signed, provided that they have your public key certificate.
Creating the CA certificates
You will be asked for a password to protect the new private key, which will be the private key for your own Certificate
Authority.
Ideally, the private key should be handled as one of your corporate secrets and should be in a safe location
accessible to the person responsible for signing the certificates.
For the purposes of this example:
• the certificate will be requested for the domain name: CompanyCA
• the secret password used to protect the key is CA_key_password
1. Open a Windows command-line session.
2. Go to the directory where you installed the certificate tools. This example assumes c:\certificates.
3. Execute the command: newca CompanyCA
C:\certificates\>newca CompanyCA
You will be asked for a password protecting your
Certificate Authority Private Key
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
.........++++++
..++++++
writing new private key to 'CA\private\CAkey.pem'
Enter PEM pass phrase: CA_key_password
Verifying password - Enter PEM pass phrase: CA_key_password
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
IMPORTANT: This password will be required when signing subsequent certificates.
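The following check is an added example, not part of the original manual or its certificate tools. It confirms that a key file such as CA\private\CAkey.pem is actually stored under a pass phrase. It assumes the file is in OpenSSL PEM format, as the "Enter PEM pass phrase" prompt above suggests; the function name and the sample key blocks are constructed for illustration.

```python
import re

# One PEM block: captures the label and everything between BEGIN and END.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

def audit_pem_keys(text):
    """Return (label, protected, detail) for every private-key block in text."""
    findings = []
    for label, inner in PEM_BLOCK.findall(text):
        if not label.endswith("PRIVATE KEY"):
            continue  # certificates and requests are not secrets
        if label == "ENCRYPTED PRIVATE KEY":
            findings.append((label, True, "PKCS#8 encrypted"))
            continue
        # Legacy OpenSSL format: "Name: value" headers precede the base64 body.
        headers = {}
        for line in inner.splitlines():
            if ":" not in line:
                break  # blank line or base64 data ends the header section
            name, _, value = line.partition(":")
            headers[name.strip()] = value.strip()
        if headers.get("Proc-Type") == "4,ENCRYPTED" and "DEK-Info" in headers:
            cipher = headers["DEK-Info"].split(",")[0]
            findings.append((label, True, "legacy PEM, cipher " + cipher))
        else:
            findings.append((label, False, "no pass phrase"))
    return findings

# Constructed samples: the headers are realistic, the bodies are placeholders.
SAMPLE_PROTECTED = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0123456789ABCDEF

Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
"""
SAMPLE_PLAIN = """-----BEGIN RSA PRIVATE KEY-----
Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for name, text in (("protected", SAMPLE_PROTECTED), ("plain", SAMPLE_PLAIN)):
        print(name, audit_pem_keys(text))
```

To audit a real key, read the text of the .pem file and pass it to audit_pem_keys; any entry whose second field is False is a private key stored without a pass phrase.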