How to create a request

  • 3 minute(s) read
Prev Next

This document provides information on how to create new requests from Certificate Manager, or import existing ones.

A request is the process of seeking the issuance of a digital certificate from a certification authority. Requisitions are necessary for Segura to understand the type of certificate you want and which authority should endorse it. Every requisition includes a CSR (Certificate Signing Request), which shares vital information with the certification authority to generate the certificate.

Create a request

To manually create a request, see the following steps:

  1. On Segura, in the navigation bar, hover over the Products menu and select Certificate Manager.
  2. In the side menu, select Requests > SSL/TLS.
  3. In the top right corner, click Add.
  4. In the General tab, enter the following information:
    1. In the Certificate type field, select the desired certificate type.
    2. In the Domain type field, select the domain type.
    3. In the Organization section, click + Add to add an organization.
      1. Select an organization, and click Add.
    4. In the Common name field, type the requests' common name.
    5. In the Generate random certificates with this CN field, select to generate random certificates with this common name.
    6. In the Certificate quantity, enter the number of certificates to be generated with this CN if the field Generate random certificates with this CN is enabled.
    7. In the Expiration (in days) field, enter the period for the certificate to remain valid.
    8. In the SAN * field, type all domains to be protected with this certificate.
    9. In the Tags field, enter tags to help identify the request.
    10. From the Encryption algorithm drop-down, select the encryption algorithm. Remember to choose the appropriate algorithm for your organization's security criteria.
    11. In the Encryption key size field, select the key size consistent with the algorithm.
    12. In the Certificate signature algorithm field, select the algorithm used to sign the certificate through the certification authority.
    13. In the Store password field, enter a store password for certificate viewing. The password can have up to 72 characters, including uppercase and lowercase letters, numbers, and the symbols. Passwords can have up to 72 characters, including uppercase and lowercase letters, numbers, and the symbols ! % @ # ^ * _.
    14. In the Revocation password field, enter a revocation password. Certificates issued without this password are subject to unintended revocations by anyone with access to the CA. The criteria for this password are the same as the one for Revocation password field.
  5. Click Continue.
  6. (Optional): In the Additional settings tab, enter the following information about requests' additional settings:
    1. In the Project field, enter the name of the project.
    2. In the External IP field, enter the external IP.
    3. In the IP or hostname field, enter the IP or hostname.
    4. In the Reason field, enter the reason for the request.
    5. In the Description field, the description of the request.
    6. In the Enable signature detailed log field, select to enable signature detailed log of the request.
    7. In the Self-signed? field, select if you trust the device that will sign the request.
    8. In the Choose CA field, select the certificate authority that will sign the request. This field is only available after selecting No in the Self-signed? field.
    9. In the Responsible for request field, select the user responsible for the request.
  7. Click Continue.
  8. (Optional): In the Environment tab, click + Add to select the requests' environments.
    1. Select the desired environments, and click Add.
  9. Click Continue.
  10. (Optional): In the System tab, click + Add to select requests' systems:
    1. Select the desired systems, and click Add.
  11. In the Review tab, review all information enter previously, and click Save.

The newly created request will appear on the SSL/TLS requests report screen.

Import a request

If you already have a request, you can import it for Segura to process and generate the certificate. To import a request, see the following steps:

  1. On Segura, in the navigation bar, hover over the Products menu and select Certificate Manager.

  2. In the side menu, select Requests > SSL/TLS.

  3. Click the Actions menu, and click Import request.

  4. In the CSR file * field, choose the CSR file.

    Info

    Although not mandatory, we recommend adding the Key password and Revocation password. These passwords protect the information and enhance the security of the process.

  5. In the Key file * field, choose the key file.

  6. In the Key password, insert the key password.

  7. In the Revocation password, insert the revocation password.

  8. In the Certificate signature algorithm *, select the certificate signature algorithm.

  9. In the Certificate type * field, select the certificate type.

  10. In the Domain type * field, select the domain type.

  11. In the Organization field, click + Add to select imported requests' organization.

    1. Select the desired organizations, and click Add.

  12. Click Save.

The newly imported request will appear on the SSL/TLS requests report screen.

Do you still have questions? Reach out to the Segura Community.