Generate a Key Pair
You use the KEYGEN utility, located in the INETSRVSERVER directory (or the directory where you installed Microsoft Internet Information Server) to create two files :
* KEYPAIR.KEY This is key file that contains a key pair
* REQUEST.REQ This is a certificate request file.
You need to create a Fully Distinguished Name for your server by using the following variables :
C= A two-letter ISO country desination ( for example, US, FR, AU, UK, KE)
S= State or Province (for example, Washington, Alberta, or Calfornia)
Do not abbreviate this name.
L = Locality ( for example, Redmond, Calgary, or Redwood City).
O = Organizational (Preferably ISO-registered, top-level organization or company name).
OU = Organizational Unit ( such as a division or department name).
CN = Common Name (Domain Name of server, for example,www.mycompany.com)
For example, this is the distinguished name for the support department for BigSur Multimedia in Cambria, California :
S = CALIFORNIAL, L = CAMBRIA, O = BIG_SUR, OU = SUPPORT, CN = www.bigsur.com
Do not use commas in any fields since they are interpreted as the end of a field. Here is an example of using KEYGEN to create a key file called KEYPAIR.KEY and a certificate request file called REQUEST.REQ using the distinguished name described above. Replace password with a suitable password.
KKEYSEN password KEYPAIR.KEY REQUEST.REQ
“C = US, S = CALIFORNIA, L= CAMBRIA, O=BIG_SUR, OU = SUPPORT, CN = www.bigsur.com”
This generates the following message and stores the files in the urrent directory.
SSI Key generation utility, Version 1.0
Copyright © 1995 Microsoft Corporation
Generating key pair of length 1024 bits completed.
Send the generated request file, Request.req.
To your Certificate Authority for signing.