The CSR creation command (from now on, this is referred to as the "scsmakeenv command") is used to create the CSR that will create the Interstage certificate environment and apply for the certificate that is used for SSL communication.
The creation procedure and execution example are shown below:
Creation procedure
Set the JDK or JRE installation path in the JAVA_HOME environment variable. This procedure is only required for Linux. Setting of the environment variable JAVA_HOME is unnecessary for Windows.
Execute the scsmakeenv command.
[Windows Manager]
scsmakeenv -n <private key nickname> -f <output destination file name for the CSR>
[Linux Manager]
scsmakeenv -n <private key nickname> -f <output destination file name for the CSR> -g <Group that has permissions to access the Interstage certificate environment>
Change the CSR output destination file name if necessary.
Note
The private key nickname specified in the scsmakeenv command will be required when the site certificate obtained from the CA is registered.
Information
Refer to Chapter 14, "SSL Environment Setting Commands" in the "Interstage Application Server Reference Manual (Command Edition)" for information on the scsmakeenv command.
Enter a password to access the Interstage certificate environment.
The default password is "changeit".
Enter an identifier.
When the "What is your first and last name?" enquiry is made, specify the FQDN of the server used to apply for the certificate as the Web server host name.
As with step 4, enter the following items:
Name of organizational unit
Name of organization
Name of City or Locality
Name of State or Province
Two-letter country code
Check the values that were entered.
To create the CSR using the values that were entered, enter yes. To change the values that were entered, enter no.
Send the CSR to the CA to request that a certificate be issued.
If the scsmakeenv command has terminated normally, the CSR will be output to the certificate output destination file name that was specified in the -f option of the scsmakeenv command. Send that file to the CA and request that a certificate be issued. Follow the request method used by the CA.
Execution example [Windows Manager]
The command execution examples shown below use the following values:
- Site certificate nickname: SERVERCERT - Applicant output destination file name: C:\temp\ssocert.txt - First and last name: rormanager.example.com - Name of organizational unit: FUJITSU TOKYO - Name of organization: FUJITSU - Name of City or Locality: Shinjuku - Name of State or Province: Tokyo - Two-letter country code for this unit:jp
C:\>scsmakeenv -n SERVERCERT -f C:\temp\ssocert.txt Password: Input X.500 distinguished names. What is your first and last name? [Unknown]: rormanager.example.com What is the name of your organizational unit? [Unknown]: FUJITSU TOKYO What is the name of your organization? [Unknown]: FUJITSU What is the name of your City or Locality? [Unknown]: Shinjuku What is the name of your State or Province? [Unknown]: Tokyo What is the two-letter country code for this unit? [Un]: jp Is <CN=rormanager.example.com, OU=FUJITSU TOKYO, O=FUJITSU, L=Shinjuku, ST=Tokyo,C=jp> correct? [no]: yes C:\>
Execution example [Linux Manager]
The command execution examples shown below use the following values:
- Site certificate nickname: SERVERCERT - Applicant output destination file name: /tmp/ssocert.txt - Group that has permissions to access the Interstage certificate environmentiscertg - First and last name: rormanager.example.com - Name of organizational unit: FUJITSU TOKYO - Name of organization: FUJITSU - Name of City or Locality: Shinjuku - Name of State or Province: Tokyo - Two-letter country code for this unit:jp
In the execution example, a new Interstage certificate environment is created for which "iscertg" access permissions are set, and the CSR is also created. Then set access permissions to it if necessary.
The Bourne shell has been used in the execution example.
# JAVA_HOME=/opt/FJSVawjbk/jdk5;export JAVA_HOME # scsmakeenv -n SERVERCERT -f /tmp/ssocert.txt -g iscertg Password: Input X.500 distinguished names. What is your first and last name? [Unknown]: rormanager.example.com What is the name of your organizational unit? [Unknown]: FUJITSU TOKYO What is the name of your organization? [Unknown]: FUJITSU What is the name of your City or Locality? [Unknown]: Shinjuku What is the name of your State or Province? [Unknown]: Tokyo What is the two-letter country code for this unit? [Un]: jp Is <CN=rormanager.example.com, OU=FUJITSU TOKYO, O=FUJITSU, L=Shinjuku, ST=Tokyo,C=jp> correct? [no]: yes UX:SCS: INFO: scs0180: The owners group of Interstage certificate environment was set. #
Note
You will be asked for the password for the Interstage certificate environment. Enter the password for the Interstage certificate environment.
The default password is "changeit".
