Before you request a certificate, you must:
In this section, you ask the certifying authority (CA) for a server certificate. As the server owner you create a private key and a public key. The public key is created in a certificate request (usually called a Certificate Signing Request, CSR) that you would send to the CA.
With a commercial CA, you would typically contact them first, learn about what types of certificates they supply, and find out their prices, terms and conditions.
The batch file creates a public/private key pair for your server, and creates a certificate request with the public key, to send to the CA.
The private key is generated first and is stored in srvkey.pem.
For example, you can enter something like:
Country Name: US State or Province Name: California Locality Name: Palo Alto Organization Name: Bloggs Widgets Inc Organizational Unit Name: Marketing Common Name: svr-blogw Email Address: bloggs@widgets.com
The details you enter are included in your server certificate to identify you.
openssl req -in srvcertreq.csr -text
Windows:
set OPENSSL_CONF=C:\Program Files (x86)\Micro Focus\DemoCA\openssl.cnf
UNIX:
export OPENSSL_CONF=/opt/microfocus/DemoCA/openssl.cnf