A CSR code is an encoded text file utilized for certificate ការធ្វើឱ្យសកម្ម, containing company/contact details and the domain name to be secured. For a successful SSL configuration, a Private Key must also be generated alongside the CSR code. Unlike the CSR, the Private Key is not exported from the server and is not used for SSL activation. However, this file will be necessary to install the certificate on Citrix NetScaler VPX after issuance.
How to Generating a CSR on Citrix NetScaler VPX
ជំហានទី 1
In order to generate a CSR/Private Key pair on Citrix NetScaler VPX, log into your device console, click on the ការកំណត់រចនាសម្ព័ន្ធ ផ្ទាំង, ពង្រីក ការគ្រប់គ្រងចរាចរណ៍ left-side menu and select SSL:
ជំហានទី 2
On the next page, it is necessary to click Create RSA Key ក្នុង SSL Keys ផ្នែក។
ជំហានទី 3
At this point, you need to fill in the form to have a Private Key generated:
Key Filename – make up a name for the Private Key file in order to differentiate it from other key files. It may be your domain name, for instance.
ទំហំគន្លឹះ – we recommend entering 2048. It is the minimum possible value and the standard size which is accepted by all modern devices.
Public Exponent Value – it is recommended to use the default value F4. This feature is related to the speed of encryption and the cipher algorithms to be used.
ទ្រង់ទ្រាយគន្លឹះ – choose the PEM format from the drop-down list as it is the format supported by Citrix NetScaler VPX.
នេះ PEM Encoding Algorithm, PEM Passphrase and Confirm PEM Passphrase fields should be left blank since this Private Key encryption feature is obsolete now.
After all the required fields are filled in, click OK and return to the main page of the NetScaler console.
On the homepage of the console, choose the ការកំណត់រចនាសម្ព័ន្ធ ផ្ទាំង, ពង្រីក ការគ្រប់គ្រងចរាចរណ៍ left-side menu and select SSL again. In the SSL Certificates menu, click Create CSR (Certificate Signing Request).
ជំហានទី 4
On the next page, it is necessary to fill in the fields with the following information:
Request Filename – make up a name for the CSR code in order to differentiate it from other codes that are stored on your server.
Key Filename – click Browse and select the Private Key that was generated before.
ទ្រង់ទ្រាយគន្លឹះ – choose the PEM format as it is the format supported by NetScaler VPX.
PEM Passphrase – leave this field blank since the Private Key has not been encrypted with a password.
ប្រទេស – select your country from the drop-down list.
រដ្ឋឬខេត្ត – specify the full name of your state or region.
ឈ្មោះអង្គការ – enter the name of your company. If you do not have a registered company, enter NA.
រាជធានី ខេត្ត – provide the full name of your city or locality.
អាស័យដ្ឋានអ៊ីម៉េល – specify your email address. You may also leave this field blank as this email is no longer used for communication between the certificate applicant and the certificate authority.
អង្គភាព – enter the company division or department (IT, Sales, etc.). It is possible to specify NA here as well.
ឈ្មោះទូទៅ – indicate the fully qualified domain name/subdomain the certificate needs to be activated for. If you are generating a CSR code for a wildcard certificate, the following format should be used: *.example.com (the asterisk stands for the subdomains that will be covered by the SSL).
The attribute fields សាកល្បងពាក្យសម្ងាត់ និង ឈ្មោះអង្គការ should be left blank as they both are considered obsolete.
ជំហានទី 5
After all the necessary fields are filled in, click Create > Close to finalize CSR generation.
Now, you need to locate the CSR code in your NetScaler VPX console.
Get back to the homepage of the console, select the ការកំណត់រចនាសម្ព័ន្ធ ផ្ទាំង, ពង្រីក ការគ្រប់គ្រងចរាចរណ៍ tree menu and click SSL ដែលបាន។ ក្នុង ឧបករណ៍ ផ្នែក, ចុច Manage Certificates / Keys / CSRs.
On the next page, select the .csr file generated before and click មើល.
At this point, it is necessary to copy the CSR code including the header —–BEGIN CERTIFICATE REQUEST—– and footer —–END CERTIFICATE REQUEST—– or click Save to download the code on your computer.
Now you can use the generated CSR code to activate your SSL certificate in the 1Byte account.