IBM HTTP Server


Generating a Certificate Signing Request (CSR) using IBM HTTP Server

Please note, as of January 2011, all CSR’s must be generated with a key length of 2048

Using IKEYMAN for CSR Generation

Note: If you are starting IKEYMAN to create a new key database file, the file is stored in the directory where you start IKEYMAN.

To Create a New Key Database:

  • A key database is a file that the server uses to store one or more key pairs and certificates. You can use one key database for all your key pairs and certificates, or create multiple databases.
  • Enter IKEYMAN on a command line on UNIX, or start the “Key Management” utility in the IBM HTTP Server folder, on Windows.
  • Select “Key Database File” from the main user interface, select “New”.
  • In the New dialog box, enter your key database name. Click “OK”.
  • In the “Password Prompt” dialog box, enter a password, enter to confirm the password. Click “OK”.

Creating a New Key Pair and Certificate Request:

  • Enter IKEYMAN on a command line on UNIX, or start the “Key Management” utility in the IBM HTTP Server folder on Windows.
  • Select “Key Database File”, from the main user interface and select “Open”.
  • In the “Open” dialog box, select your key database name. Click “OK”.
  • In the “Password Prompt” dialog box, enter your correct password and click “OK”.
  • Select “Create” from the main user interface, select “New Certificate Request”.
  • In the “New Key and Certificate Request” dialog box, enter:
    1. Key Label: A descriptive comment to identify the key and certificate in the database.
    2. Keysize:
    3. Organization Name:
    4. Organization Unit:
    5. Locality:
    6. State/Province:
    7. Zipcode/Postcode:
    8. Country: Enter a country code. Example: US or GB etc.
    9. Certificate request file name, or use the default name.
  1. Click OK.
  2. In the “Information” dialog box, click “OK”.