In order to generate a Certificate Signing Request file for a Key
Pair entry, in an opened KeyStore window, select that Key Pair entry and
invoke the contextual menu (usually by clicking the right mouse button).
In this contextual menu select Generate CSR
File
. For generating a CSR file, you have to
specify:
the name of the generated file;
the algorithm to use for signing the request; this is
automatically adjusted based on the key algorithm used in the Key
Pair. For DSA
keys the possible selections are:
SHA1withDSA
, SHA1WithDSA
,
SHA224WithDSA
, SHA256WithDSA
,
SHA384WithDSA
and SHA512WithDSA
, while for
RSA
keys the possible selections are:
MD2WithRSA
, MD5WithRSA
,
SHA1WithRSA
, SHA1WithRSAandMGF1
,
SHA224WithRSA
, SHA224WithRSAandMGF1
,
SHA256WithRSA
, SHA256WithRSAandMGF1
,
SHA384WithRSA
, SHA384WithRSAandMGF1
,
SHA512WithRSA
, SHA512WithRSAandMGF1
,
RIPEMD128WITHRSA
, RIPEMD160WITHRSA
andRIPEMD256WITHRSA
.
the challenge - the challenge-password attribute, which specifies a password by which the entity may later request certificate revocation.
The supported CSR formats are PKCS #10
and
SPKAC
(Signed Public Key and Challenge). These are selectable
from the file chooser filter list.