User guide

Configuring the Interstage Certificate Environment with CSR

7-9

Configuring an Interstage Certificate Environment and Creating a

Certificate Signing Request (CSR)

A certificate must be obtained to perform signature and encryption processing such as for SSL. For this

purpose, it is necessary to create a certificate signing request (CSR) that is the data used to request the

CA to issue a certificate. When a CSR is created, an Interstage Certificate Environment is also created if

it does not exist. If an Interstage Certificate Environment already exists, that certificate environment is

used.

Note

Creating a CSR generates a private key in the Interstage certificate environment. To protect the

private key, make a temporary backup of the Interstage certificate environment after creating the

CSR and keep it until you obtain the certificate. Refer to the Operator's Guide for details of the backup

procedure.

When you make no backup, you need to again create the Interstage certificate environment and

create and issue a CSR, if the Interstage certificate environment is damaged.

An example of creating a CSR is shown below:

scsmakeenv -n SiteCert -f C:\my_folder\my_csr.txt -c

scsmakeenv -n SiteCert -c -f /usr/home/my_dir/my_csr.txt -g iscertg

Note

• The nickname specified for the -n option must be specified at registration of the site certificate. Be

sure to remember the nickname.

• In an operating mode in which a service that runs as a client function obtains only server

authentication, create a test certificate instead of CSR using the scsmakeenv command. Refer to the

Reference Manual (Command Edition) for information on test certificate creation. After creating a

test certificate, there is no need to perform the Requesting Certificate Issuance and Registering

Certificates and CRL sections described below. Perform the sections Defining the Use of Certificates

onwards.