Follow the instructions that came with your server software to generate a keypair and a Certificate Signing Request (CSR). Key generation is the creation of the server’s private and public keys. It is closely associated with the Digital ID request because the CSR includes a copy of the public key. If your software asks you for an email address, use your own. You can then use the CSR your server emails to you.
We support the following servers:
- Netscape Commerce
- Netscape Enterprise
- Internet Factory
- Microsoft IIS
- Stronghold
- O’Reilly Server version 2.0
Note: For Microsoft IIS Users
If you are generating a CSR, be sure to use a password that is no more than 8 characters long. Also, please do not use any special keys, such as (~!@#$%^&*()__{}|:”<>?), in your password.
IMPORTANT: Make a backup copy of your key pair and password and store them securely. This is a vital step as a precaution against overwriting, deleting, or corrupting the file. MSCTrustgate.com can not recover your Digital ID without the private key and password. If you lose your key pair or password, you will have to generate a new key pair and enroll (and pay) for a new SSL Server ID. Unauthorized access to your private key constitutes total compromise of your server’s security. Tips for Your Distinguished Name
When you generate your CSR, you will be asked to enter your server’s distinguished name. Distinguished names uniquely identify individual servers, and contain the following information. Common Name: Also known as the URL, the common name is the fully qualified domain name used for DNS lookups of your server (such as www.bookstore.com). This information is used by browsers to identify your web site. If you change your hostname, you will need to request another Digital ID. Client browsers connecting to your host will check for a match between your Digital ID’s common name and your URL. You cannot use wildcards (*, ?, and so on), IP addresses, or Port numbers in this field. Please do not include the “http:// or https://” in your common name. Organization or Company: This should be the organization that owns the domain name, as determined in Step 1. The organization name (corporation, limited partnership, university, or government agency) must be registered with some authority at the national, state, or city level. Use the legal name under which your organization is registered. Please do not abbreviate or use any of these symbols ! @ # $ % ^ * ( ) ~ ? > < / \. City/Locality: Optional in most situations. This field usually denotes the city in which the organization is located. Do not use abbreviations. For example, spell “Saint Louis”, instead of “St. Louis”. If the organization is registered locally only, for example by virtue of having a business license registered with the City Clerk, the Locality/City field must contain the name of the city where registered. In this case, the State/Province field is Srequired. International customers must enter either a City/Locality or a State/Province. State/Province: U.S. and Canadian customers must enter a State or Province name. Do not abbreviate. In the United States, if your organization is incorporated in, say, the state of Delaware, but is operating within California, use California. International customers must enter either a State/Province or a City/Locality. Do not abbreviate.
Country: This is the 2-character ISO format country code. For example, GB is the valid code for Great Britain, and US is the valid code for the United States.