Generating a Certificate Signature Request

To generate a certificate signature request:

  1. Log in to the platcfg utility using one of two methods, either from the system console using root or through an SSH remote session using admusr.
    • To access the platcfg utility from the system console:
      1. Log in as root.
      2. Enter su - platcfg.
    • To access the platcfg utility through an SSH remote session:
      1. Log in as admusr.
      2. Enter sudo su - platcfg.

    Note: The dash (-) is required in the su - platcfg or the sudo su - platcfg command to ensure proper permissions.

  2. Select Policy Configuration from the Main Menu and press Enter.
  3. Select SSL Key Configuration from the Policy Configuration Menu screen and press Enter.
  4. Select Configure keystore from the Configure SSL keys Menu screen and press Enter.
  5. Select Create Certificate Signature Request (CSR) from the Operate keystore Menu screen and press Enter.
  6. Enter the Keystore Password, select OK, and press Enter.
  7. Select the certificate name that you want to export for signature from the Create CSR screen and press Enter.

    Note: The alias of the certificate is used later for re-importing the certificate after signing by a third party. Use an alias that allows the certificate to be identified with a specific system. Also of importance is the Expiration attribute, which should be set to a sufficiently large value so that the certificate does not expire before any peer certificates. Oracle recommends a value preventing expiration for three years.

  8. Edit the destination path from the Create CSR screen to change it or select OK to accept it, and press Enter.