Generate a Key Pair

You use the KEYGEN utility, located in the INETSRVSERVER directory (or the directory where you installed Microsoft Internet Information Server) to create two files :

* KEYPAIR.KEY This is key file that contains a key pair

* REQUEST.REQ This is a certificate request file.

You need to create a Fully Distinguished Name for your server by using the following variables :

C= A two-letter ISO country desination ( for example, US, FR, AU, UK, KE)

S= State or Province (for example, Washington, Alberta, or Calfornia)

Do not abbreviate this name.

L = Locality ( for example, Redmond, Calgary, or Redwood City).

O = Organizational (Preferably ISO-registered, top-level organization or company name).

OU = Organizational Unit ( such as a division or department name).

CN = Common Name (Domain Name of server, for example,www.mycompany.com)

For example, this is the distinguished name for the support department for BigSur Multimedia in Cambria, California :

C= US,

S = CALIFORNIAL, L = CAMBRIA, O = BIG_SUR, OU = SUPPORT, CN = www.bigsur.com

Do not use commas in any fields since they are interpreted as the end of a field. Here is an example of using KEYGEN to create a key file called KEYPAIR.KEY and a certificate request file called REQUEST.REQ using the distinguished name described above. Replace password with a suitable password.

KKEYSEN password KEYPAIR.KEY REQUEST.REQ

“C = US, S = CALIFORNIA, L= CAMBRIA, O=BIG_SUR, OU = SUPPORT, CN = www.bigsur.com”

This generates the following message and stores the files in the urrent directory.

SSI Key generation utility, Version 1.0

Copyright © 1995 Microsoft Corporation

Generating key pair of length 1024 bits completed.

Send the generated request file, Request.req.

To your Certificate Authority for signing.

Related Posts
No related posts for this content
admin