CSR Generation: IBM HTTP Server

Generating a Certificate Signing Request (CSR) using IBM HTTP Server

  1. Firstly, you must create a new key database. Start the 'IKEYMAN' software - either by running the command 'IKEYMAN' or loading the GUI version.
  • Select 'Key Database File' from the main menu and choose 'New'.
  • Choose and enter a new Key Database name. Click 'OK'.
  • Now enter and confirm a password for the Key Database. Please ensure not to forget this password.
  • Now we need to use the new Key Database to create a CSR. Start IKEYMAN again, select 'Key Database File' and choose 'Open'.
  • Now enter the password from Step 4 and click 'OK'.
  • Select 'Create' from the main menu, and choose 'New Certificate Request'.
  • A form will appear, and all the fields require completion. Click 'OK' when completed. Notes on some of the fields are:
    • Key Label - simply a descriptive label for the CSR.
    • Keysize - we suggest the keysize be as large as possible, preferably 2048 bit.
    • Common Name - where you should enter the fully qualified domain name of the website you require the certificate for.
      Note: for wildcard certificates, the Common Name should be in the format: *.mydomain.com
    • Country - the ISO-3166 two-letter country code for the country. 'US' for the USA, 'GB' for Great Britain, etc.
    • Certificate Request Filename - the path and filename for the CSR.

Related Articles