Skip to main content
Skip table of contents

Issue a New Server Certificate from a CSR

The following covers how to issue a certificate suitable for SSL/TLS servers from a Certificate Signing Request (CSR) generated by the server.

Before you begin, you should previously have created a certificate profile and end entity profile for SSL servers. For more information, see:

To request a certificate:

  1. Access EJBCA RA Web and click Make new request.
  2. In the Certificate Type field, select SSLServerEndEntityProfile.
  3. Under Certificate subtype, you should not be able to choose anything but the default SSLServerCertificateProfile.
  4. Under CA, you should not be able to choose anything but the default ManagementCA.
  5. Select the Key-pair generation option Provided by user.
  6. Upload the CSR.
  7. In CN, Common Name, verify
  8. In DNS Name, verify
  9. At Username, enter
  10. Click the preferred Download button (PEM, DER) to download and save the newly created certificate file.

A new certificate is generated and downloaded to your desktop.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.