Cisco Headend Digital Broadband Delivery System
Generating and Deploying SSL Certificates Signed by a CA on a DNCS
4034689 Rev A
81
Refer to the system User's Guide for instructions.
Please enter your choice: [1|2|3|4|5]
2 Select choice 2 to create a certificate signing request and then press Enter. The
system prompts you for the Distinguished Name attributes of the certificate.
3 Use these guidelines to answer the prompt displayed in step 2.
Note: We recommended that you provide valid input for the Distinguished
Name information. Use a period (.) to indicate blank input.
Name information. Use a period (.) to indicate blank input.
Country Name — The country where your company resides. Use the two-
letter country code without punctuation for country (for example, US or FR).
letter country code without punctuation for country (for example, US or FR).
State or Province — The state or province where your company resides. Spell
out the state completely (for example, California). Do not abbreviate the state
or province name.
out the state completely (for example, California). Do not abbreviate the state
or province name.
Locality or City — The city or town where your company resides (for
example, Berkeley).
example, Berkeley).
Organization Name — Your company's name (for example, XYZ
Corporation). If your company or department name has an &, @, or any other
symbol that requires using the Shift key in its name, you must spell out the
symbol or omit it.
Corporation). If your company or department name has an &, @, or any other
symbol that requires using the Shift key in its name, you must spell out the
symbol or omit it.
Organizational Unit — The organization within the company. This field is
optional but can be used to help identify certificates registered to an
organization. The Organizational Unit (OU) field is the name of the
department or organization unit making the request. To skip the OU field,
press Enter.
optional but can be used to help identify certificates registered to an
organization. The Organizational Unit (OU) field is the name of the
department or organization unit making the request. To skip the OU field,
press Enter.
Common Name — The Common Name is the host plus the domain name
(for example, www.company.com or *.company.com). For the DNCS, use
the IP address of the interface that will be used for the DNCS Web Services.
(for example, www.company.com or *.company.com). For the DNCS, use
the IP address of the interface that will be used for the DNCS Web Services.
Email Address — E-mail address of the certificate requester.
Challenge Password — Type . and then press Enter.
Optional Company Name — Type . and then press Enter.
Result: The DNCS creates the CSR file (server.csr) and private key file
(server.key) in the /etc/opt/certs directory.
(server.key) in the /etc/opt/certs directory.
4 Type the following command and press Enter to set the file permissions to read-
only for the root user:
chmod 400 /etc/opt/certs/server.key
5 Copy the
/etc/opt/certs/server.csr file from the DNCS to the DNCS CA
/export/home/dncs/dncsCA/ directory.