Generate CSR: Cisco Secure ACS
Follow these instructions to generate a Private Key and CSR.
- Login to ACS and click System Configuration.
- Click ACS Certificate Setup.
- Click Generate Certificate Signing Request.
- Fill out the the Generate New Request form. The first
form field is marked Certificate Subject. The Certificate Subject
field will accept a set of key=value pairs. Certain
keys are required: CN (common name), O (organization), L (locality
or city), S (state or province), and C (country). OU (organizational
unit is optional). An example string would be:
CN=www.mysite.com, O=Gotham Books LLC, OU=Sales, L=Atlanta, S=Georgia,
You will be asked for several pieces of info which will be used by GeoTrust to create
your new SSL certificate. These fields include the Common Name (aka domain, FQDN), organization,
country, key bit length, etc. Use the CSR Legend in the right-hand column of this page
to guide you when asked for this information. The following characters should not
be used when typing in your CSR input: < > ~ ! @ # $ % ^ / \ ( ) ? , &
- In the Private Key File box enter the full path where you would like
the associated private key to be stored, such as C:\privatekey.key.
- Enter a private key password, 2048 for the bit
length, and SHA1 for
the Digest to Sign With.
- Click Submit and your CSR will be viewable from the right-side of the
Save a copy of your CSR. The CSR will be needed during the online order
process. You'll be asked to copy-and-paste your CSR into a special CSR box.
Below is an example of what your CSR will look like. This
is a example only and cannot be used to generate your SSL certificate.
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
When generating your CSR you will be asked to input
a few pieces of info. Below are some common fields with descriptions and examples.
(also see About the CSR)
Common Name (CN)
The fully-qualified-domain name for your certificate. Examples include...
- *.domain.com (for wildcard SSL)
The exact legal name of your organization. Do not abbreviate your
organization's name. Example: Metro Realty LLC or Flowers by Jenny
Organizational Unit (OU)
The section or division of the organization. Example: Sales, Support, Customer Service
City or Locality (L)
The city where your organization is legally located. Cannot be
abbreviated. Example: Atlanta
State (S) or Province
The state or province where your organization is legally located. Cannot
be abbreviated.. Example: Georgia
The two-letter ISO Country Code abbreviation for your country. Example: US, CA, GB (must be two-letters)
Any email address. This field is arbitrary but must be filled in. GeoTrust
will not use this email address to process your order. Example: email@example.com
Key Bit Length
The key bit length has to do with the initial key exchange, not the
encryption strength of your certificate. GeoTrust recommends a key bit length of 2048.