Generating a CSR for CDMS:

Notes:

http://www.entrust.net/tech/apachemod_ssl/csr.htm

Note that for the Passphrase Entrust requires the following criteria:

Passphrase:  
 8 Characters
 1 upper case letter
 1 lower-case letter
 1 Special Char.
 Both passwords must match

Generate the private key:

# /u01/cdms/ssl/openssl genrsa -des3 -rand /core 1024 > /usr/local/ssl/private/cdms.key                                  <
277240 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
....++++++
.....++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:

# ls -l /usr/local/ssl/private
total 2
-rw-r--r--   1 root     root         963 Aug 12 16:20 cdms.key


Generate the CSR:

# /u01/cdms/ssl/openssl req -new -key /usr/local/ssl/private/cdms.key -out /usr/local/ssl/cdms.csr
Using configuration from /usr/local/ssl/openssl.cnf
Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:FL
Locality Name (eg, city) []:Orlando
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Harcourt
Organizational Unit Name (eg, section) []:Web Services
Common Name (eg, YOUR name) []:nbpts.harcourt.com
Email Address []:kinscoe@harcourt.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Now verify the CSR:

# /u01/cdms/ssl/openssl req -noout -text -in /usr/local/ssl/cdms.csr
Using configuration from /usr/local/ssl/openssl.cnf
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=US, ST=FL, L=Orlando, O=Harcourt, OU=Web Services, CN=nbpts.harcourt.com/Email=kinscoe@harcourt.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:ca:53:eb:64:8c:28:7e:5b:c7:22:3a:16:99:1b:
                    ea:66:d8:b2:61:36:26:11:8c:9d:29:c2:87:9f:ae:
                    d8:5c:15:bf:99:de:72:5b:4d:86:58:5e:77:8e:90:
                    a2:3b:5b:3a:4a:0f:51:8c:d0:65:b5:a1:77:4a:00:
                    56:f1:fa:35:49:72:e4:85:89:86:1e:9c:98:70:55:
                    7a:00:a8:29:8b:01:d1:40:3f:03:8e:4e:ce:40:ee:
                    37:23:90:e7:71:3c:fd:a0:52:ee:51:3e:58:92:1b:
                    c1:47:60:ee:2b:42:66:e7:90:dd:2a:d5:84:53:1f:
                    b2:ab:f5:55:a6:1a:71:77:af
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: md5WithRSAEncryption
        36:b6:f1:e2:8c:ce:79:d9:e4:46:fa:88:a3:0d:58:26:61:f8:
        0f:d0:20:8c:93:eb:d1:ce:9b:7f:ac:8b:14:7e:42:1d:b4:3f:
        35:be:f6:de:13:38:df:58:98:07:e2:4e:5a:18:6e:1f:8e:2f:
        3a:9b:00:88:a4:9e:d0:8b:4d:0e:83:47:d0:a2:90:23:80:0f:
        33:7a:12:1a:ed:1e:27:d7:cb:59:57:47:c9:7c:98:f2:f8:a2:
        ef:12:3b:2a:ea:10:cf:23:e9:c9:bb:bf:8e:42:4f:c2:64:ee:
        7a:b6:07:78:22:c5:30:e7:f8:34:ce:77:3d:56:25:ab:77:59:
        14:8d