Creating a Certificate Request (CSR) - Facility Explorer - Metasys - LIT-12012015 - TL-MAP1810-0Px - TL-MAP1810-0Sx - Gateway/Router - MAP Gateway - 5.0

Mobile Access Portal Gateway Network and IT Guidance Technical Bulletin

Facility Explorer
Product name
MAP Gateway
Document type
Technical Bulletin
Document number
Revision date

Before you begin

The following steps demonstrate how to create a request for an SSL certificate (CSR) using the XCA - X Certificate and key management application, copyright 2014 by Christian Hohnst├Ądt, as an example of how to perform this task. You must make sure to use a certificate request generating application that is approved by your IT department. This procedure creates a file in a format for submitting the properties of your SSL certificate to the certificate authority. Your IT department must also approve the Public Certificate Authority to which you submit your request.


  1. Open your certificate request creating application, select the Certificate signing requests tab if necessary, and click New Request. The Create Certificate signing request screen appears.
    Figure 1. New Certificate Signing Request Tab

  2. In Signing request enter unstructuredName and challengePassword

    The unstructured name is used by the certificate signing authority and may be set to your organization name.

    Accept the defaults (SHA1 and [default]CA) unless they conflict with your IT policies and click the Subject tab.

    Figure 2. Create CSR Source Screen

  3. In the Distinguished Name Properties window, enter the following information:
    • Internal name: This name is only used internally and does not appear in the certificate.
    • organizationName: the name of your organization
    • countryName: the country in which your organization is located
    • organizationalUnitName: the name of your department within the organization
    • stateOrProvinceName: the state in which your organization is located
    • commonName: the domain name without https://. The domain name should be the site used to browse to the MAP Gateway UI.
    • localityName: the city in which your organization is located
    • emailAddress: Typically the address of the administrator of your organization.
    • Private key: This drop-down list contains private keys that you have already generated. In this case, select New Key (RSA) which was generated in the Generating a Private Key section of this document. If you have not created a private key or wish to create a new one, click Generate a new key and follow the steps in Generating a Private Key in this document.
  4. Select the Extensions tab.
    Figure 3. New CSR Subject Tab

  5. Use the Validity and Time range sections to define time limits and valid ranges for your certificate. Click OK.
    Figure 4. New CSR Extensions Tab

  6. The new certificate signing request is now in your list of certificates with the internal name you assigned. Select the certificate and click Export.
    Figure 5. New CSR Created

  7. Click the browse button, choose a location for the new CSR file, and click OK. This file will be used to purchase a certificate request from a Public Certificate Authority.
    Figure 6. Certificate Request Export