Specifications
204 Chapter 12 Managing Mail Service
4 When “Enter key and certificate label:” appears in the Terminal window, enter a one-
word key, a blank space, and a one-word certificate label, and then press Return.
For example, you could enter your organization’s name as the key and mailservice as
the certificate label.
The following output appears.
Please specify parameters for the key pair you will generate.
r RSA
d DSA
f FEE
Select key algorithm by letter:
5 Enter r, and then press Return.
The following output appears.
Valid key sizes for RSA are 512..2048; default is 512
Enter key size in bits or CR for default:
6 Enter a key size, and then press Return.
Larger key sizes are more secure, but require more processing time on your server. Key
sizes smaller than 1024 aren’t accepted by some certificate-issuing authorities.
The following output appears.
You have selected algorithm RSA, key size (size entered above) bits.
OK (y/anything)?
7 Enter y, and then press Return.
The following output appears.
Enter cert/key usage (s=signing, b=signing AND encrypting):
8 Enter b, and then press Return.
The following output appears.
...Generating key pair...
Please specify the algorithm with which your certificate will be signed.
5 RSA with MD5
s RSA with SHA1
Select signature algorithm by letter:
9 Enter s, and then press Return.
The following output appears.
You have selected algorithm RSA with SHA1.
OK (y/anything)?
10 Enter y, and then press Return.
The following output appears.
...creating CSR...
Enter challenge string: