6.20.08 - Creating a Certificate Signing Request - Aster Database

Teradata AsterĀ® Database 6.20 Release Notes

Product
Aster Database
Release Number
6.20.08
Published
November 2019
Language
English (United States)
Last Update
2019-11-12
dita:mapPath
vux1500568440584.ditamap
dita:ditavalPath
External-only.ditaval

Before you send a request for an SSL certificate, you must create a Certificate Signing Request (CSR) on the server that you want to secure. There are multiple ways to generate a 'Certificate Signing Request' and it will generally depend on the web server or device in which you intend to install the SSL certificate. A CSR is an encrypted file that contains information about your company, including the domain name.

The CSR must include the following information:
  • Country: Two-letter ISO 3166 country code. For example, the code for the Japan is "JP". For US, it is "US".
  • State or Province: Full name of the state or province where your company is headquartered, such as "California".
  • Locality or City: Full name of the locality or city where your company is headquartered, such as "Los Angeles".
  • Organization: Full legal name of your company.
  • Common Name:The website that you will protect with the SSL certificate.

There could be additional constraints for creating a CSR, depending on the vendor or state that will issue the SSL certificate.

The process used to create a CSR depends on the server that you are securing. Aster AMC and AppCenter use the Apache httpd server and for these browser apps, the procedure to create a CSR is :

  1. Use the terminal client (ssh) to log in to your server.
  2. Type the following command to generate the CSR file and a private key for decrypting SSL certificate: #openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

    where server is the name of your server.

  3. Save the private key file because it is necessary for installing SSL certificate.
  4. Enter the fully qualified domain name when prompted for the Common Name. For a wildcard certificate, the common name must begin with asterisk . For example, *.yourcompany.com.
  5. Type your organizational information when prompted. The CSR file is now created. The output file, server.csr is the CSR.
    openssl is installed by default on all Aster nodes.