Certificate Requests
Certificate request generation
In order to request for a personal certificate via the command line you need to follow the instructions below. First you must connect via ssh to your preferred UI and then issue the following command
where you should substitute %temporary_folder% with a name you prefer. SEE-GRID CA issues certificates under one of the following name schemes:
Please consult your local RA on which name scheme is appropriate for you to use. In the following examples the second namescheme will be used as a template. To generate the request file and private key file issue the following command.
- Substitute
{Country Code}with the two letter ISO 3166-1 Alpha-2 code of the country in capital letters. - Substitute
{People|Hosts}withPeopleif this request is for a personal certificate orHostsif the request os made for a host, service or robot certificate. - Substitute
{Institution Name}with the full name of your institution (for example Greek Research and Technology Network) - Substitute
{Firstname Lastname}with your First and Last name. You may add your initials inbetween the First and Last name if you desire.
After that command an encrypted key will be created using the passphrase that you will provide to the privkey.pem. Also the application will be created to the file named cert_request.pem
In case you get the following error:
then you should execute the following command:
Once you have created the private key and request files you may forward the request file (NOT the private key one) to your local RA. Your RA will take care of forwarding this request to the SEE-GRID CA where your request file will be signed and your certificate will be returned to you via a signed email.