Tag: DigiCert

DigiCert: Regenerate Certificate Signing Request (CSR) from Windows

Hi everyone, hope you guys are staying healthy and safe. I’m here to write about steps on regenerate certificate and its keys using the DigiCert. Anyone here uses DigiCert TLS/SSL for Windows this post will be helpful for you.

Anyway, if you’re new to certificates just a few tips for you to get the concept understand,

  1. Organization uses certificates because of internal/in-house applications.
  2. Certificates authorization dependent to the keys that you generated.
  3. The keys are dependent to where you generate it (Meaning which server/PC, yes it dependent highly on it).
  4. Keys are secure communication, allowing certificate authorization to have secure connection.
  5. Professionals would prefer to generate from the server level because you don’t often make changes towards server hostname or IP addresses, compared to PC.
  6. Some certificate products will notify you a month before your certificate expire. But please note, expired certificate will cause a Severity A or B impact (depending on your in-house application purposes (Production, DR or UAT)).

*Note: Make sure you are generating NOT from a consolidate server environment.

Ok, let’s start with the steps.

Step-by-step instructions

  1. Make sure your server that you choose to perform the activity doesn’t have any schedule for force shutdown, restart or update. Hence, it will not disturb your activity.
  2. You would have to login your administrator portal of DigiCert > Download the generator app from the right domain certificate > Download into the server > Install the DigiCert app.
  3. You are not requiring restarting your server after installing the DigiCert app.
  4. Launch the app > Select SSL > Select Create CSR > Select SSL > Fill in the blank boxes, and make sure that are same as from DigiCert portal because its case sensitive. Key Size you can choose the highest bit.
  5. Next, Copy the certificate to a notepad or save it to a file (On the server that you had generated)

Is better to remember which server you had generate the CSR. This will help you later to your goal on generating the SSL.

References:

  1. https://www.digicert.com/kb/util/csr-creation-microsoft-servers-using-digicert-utility.htm
  2. https://www.digicert.com/StaticFiles/DigiCertUtil.exe
  3. https://www.digicert.com/kb/util/ssl-certificate-installation-using-digicert-utility-for-microsoft-servers.htm