Check Point - Generate CSR
A Certificate Signing Request (CSR) is required when applying for an SSL certificate. This CSR (and private key) can be generated on your webserver. To request a wildcard certificate, fill in an * (asterisk) for the subdomain, for example *.sslcertificaten.nl (instead of www.sslcertificates.nl).
- Start Putty and login as root administrator.
- Once logged in, switch to expert mode by using the command "expert".
- Enter the expert password.
- Create a CSR and KEY file, using the following command: (select your own name for the *.csr and *.key file. In this example we use 'sslcertificaten.nl'.)
Cpopenssl req –new –out sslcertificaten.nl.csr –keyout sslcertificaten.nl.key –config $CPDIR/conf/openssl.cnf
- Enter a PEM password, which is needed to import a CSR within Check Point. Without a password, the certificate cannot be imported and is therefore rendered useless. Confirm the password by entering it a second time.
- Enter the two letter country code. Enter the state or province name. Enter the locality. Enter the organization name. Enter the common name (hostname/FQDN). Set the optional challenge password (this is recommended for additional security). Set the optional company name.
- The created CSR can now be displayed by using the following command:
To order a certificate, copy the entire contents of the generated CSR, including the first and last line and all dashes.