How to Generate a CSR

  • Adobe AIR

    Code Signing Certificates

    How to generate a Certificate Signing Request (CSR) via Adobe AIR

    A CSR is encoded text that contains information about the certificate requester. This information includes, but is not limited to, the publisher name for the certificate (referred to as a "Common Name"), organization name (if applicable), and a contact email for the certificate. When creating a CSR it will export two files, these two files will be your CSR, which will be requested during enrollment, and a corresponding private key which should not be shared and will be required during installation.

    CSR Generation Instructions

    The following instructions will guide you through the CSR generation process on Adobe AIR. To learn more about CSRs and the importance of your private key, reference our Overview of Certificate Signing Request article. If you already generated the CSR and received your trusted Code Signing certificate, reference our Code Signing Installation Instructions and disregard the steps below.

    Instead of generating the CSR and private key on your server or signing platform, the issuing Certificate Authority (CA) has supplied your Code Signing Provider with a unique script that allows you – the certificate requester - to generate the CSR and private key securely via browser during the enrollment process in your account. This process is very convenient for users and eliminates the hassle of running complicated command lines to output the required key pair.

    You will need to use Firefox in order to securely generate your Code Signing certificate. Firefox has a unique function which allows for the CSR and accompanying private key to be generated securely and easily. If you do not have Firefox installed, you may download it here. If you are unable to use Firefox, please contact us.

    Note: The private key will be stored in the browsers certificate manager folder. You will obtain a copy of this after the certificate has been issued and downloaded in the same browser.

    For a step-by-step instructions on generating a CSR on a Web Browser, please click here.

  • Java Keystore

    Code Signing Certificates

    How to generate a Certificate Signing Request (CSR) via Java Keystore

    A CSR is encoded text that contains information about the certificate requester. This information includes, but is not limited to, the publisher name for the certificate (referred to as a "Common Name"), organization name (if applicable), and a contact email for the certificate. When creating a CSR it will export two files, these two files will be your CSR, which will be requested during enrollment, and a corresponding private key which should not be shared and will be required during installation.

    Note: Before proceeding with the instructions below, confirm the Java Development Kit (JDK) is installed correctly on your server or local computer.

    CSR Generation Instructions

    The following instructions will guide you through creating a Java Keystore File and CSR. If you already generated the CSR and received your trusted Code Signing Certificate, please click here for Code Signing Installation Instructions.

    1. To make a keystore and key file, run the command prompt below:

    keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore keystore.jks

    1. Enter the required information, when prompted:
      • Enter keystore password:
      • Re-enter new password:
      • What is your first and last name?
      • What is the name of your organization unit?
      • What is the name of your organization?
      • What is the name of your City or Locality?
      • What is the name of your State or Province?
      • What is the two-letter country code for this unit?
      • Is CN = CompanyName or Firstname Lastname, OU=DeparmentName, O=CompanyName, L=City, ST=State, C=CountryCode correct?
      • Enter key password for <server>:
    2. The above command will create a Java keystore file called keystore.jks
    3. To make the CSR from the keystore, run the command prompt below:

    keytool -certreq -alias server -file csr.csr -keystore keystore.jks
    Enter keystore password:

    Note: The keystore password is the same password you created in step 2.

    1. The above command will create the CSR and private key and saves as a .csr file and a .jks file.
    2. Copy the newly generated CSR and include the header -----BEGIN NEW CERTIFICATE REQUEST---- and footer -----END NEW CERTIFICATE REQUEST----- tags.
    3. Login to your account
    4. Locate your Incomplete Order
    5. Click Generate Cert Now
    6. Select the option to Create a link
    7. Click the link
    8. Select Java as your Code Signing Certificate Type
    9. Continue and paste in your CSR
    10. Complete the remaining enrollment steps
    11. Congrats! You now have an Order Number

    After you complete the validation process and receive the trusted Code Signing Certificate from the issuing Certificate Authority, please click here and proceed with the next step using our Code Signing Installation Instructions.

  • Web Browser

    Code Signing Certificates

    How to generate a Certificate Signing Request (CSR) on a Web Browser

    A CSR is encoded text that contains information about the certificate requester. This information includes, but is not limited to, the publisher name for the certificate (referred to as a "Common Name"), organization name (if applicable), and a contact email for the certificate. The process of generating the CSR and corresponding private key – which is required during installation and should not be shared – is a little different with Code Signing Certificates compared to other security products such as SSL Certificates.

    Instead of generating the CSR and private key on your server or signing platform, the issuing Certificate Authority (CA) has supplied your Code Signing Provider with a unique script that allows you – the certificate requester - to generate the CSR and private key securely via browser during the enrollment process in your account. This process is very convenient for users and eliminates the hassle of running complicated command lines to output the required key pair.

    CSR Generation Instructions

    You will need to use Firefox in order to securely generate your Code Signing certificate. Firefox has a unique function which allows for the CSR and accompanying private key to be generated securely and easily. If you do not have Firefox installed, you may download it here. If you are unable to use Firefox, please contact us.

    Note: The private key will be stored in the browsers certificate manager folder. You will obtain a copy of this after the certificate has been issued and downloaded in the same browser.

    The following instructions will guide you through the CSR generation and enrollment process.

    1. Open Firefox
    2. Login to your account on your SSL provider's website.
    3. Locate your Incomplete Code Signing
    4. Click Generate Cert Now
    5. Enter the required certificate information
    6. Click Submit
    7. The browser will generate the key pair

    8. Congrats! You now have an Order Number

    After you complete the validation process and receive the trusted Code Signing Certificate from the issuing Certificate Authority, please click here and proceed with the next step using our Code Signing Installation Instructions.