Welcome to Global Trust 256 bit SSL Security Site.

  現在位置 : 技術資源 > 知識庫FAQ > SSL 憑證 > Thawte > 產生CSR > Qpopper

技術 / 資訊搜尋 


Qpopper


Note: In the interest of better security and the enablement of greater trust, we have decided that 1024-bit keys will now be the minimum strength used in the issuance of thawte digital certificates.

To create a certificate signed by a Certificate Authority using OpenSSL, follow these steps:

Create or choose a directory for the certificates and your private key. Because the private key is stored unencrypted, it is very important that only user root has access to this directory. For example, the following three commands:
mkdir -p -m665 /etc/mail/certs
chown root:mail /etc/mail/certs
chmod 660 /etc/mail/certs

Use openssl to create a public-private key pair and a certificate signing request (csa). For example, the following command (this text should be entered at a command prompt as one long line):
/usr/local/ssl/bin/openssl req -new -nodes -out req.pem -keyout /etc/mail/certs/cert.pem
When you run openssl it prompts you for items of information. It is very important that you properly answer these prompts; the default explanation may not be accurate. It asks you:
Country Name Supply the ISO-standard two-letter code for your country.
State or Province Name Type the full name of your state or province.
Locality Name Type the full name of your city or municipal area.
Organization Name Type the legal name of your company or organization.
Organizational Unit Name Type the name of your division or section of your company.
Common Name Type the fully-qualified host name of the mail server host. Do not type your personal name, even if the openssl prompt sounds like that is what you should do. This must be the same name that a client enters to get to your server.
Email Address This should be your email address, or that of an institutional role (such as postmaster).

Ensure that the file which now contains the private key (and will later contain the signed certificate) is owned by and only accessible by root. For example, the following two commands:
chmod 600 /etc/mail/certs/cert.pem
chown root:0 /etc/mail/certs/cert.pem
Send the certificate signing request (file req.pem) to your Certificate Authority for signing. You will receive back a signed request.

For instructions to install the certificate for Qpopper, go to the following solution: vs27715



技術支援系統登入 忘記密碼?
帳號
密碼

 

主要問題大類
文件區 (3)
SSL 憑證 (0)
CodeSign程式碼簽章 (0)
Email憑證 (24)
隱私條款 法律聲明 安全說明連絡寰宇