CSR Creation With Java Keytool for WebLogic Servers
**NOTE: To avoid errors during installation, we recommend that you generate a new keystore before creating your CSR. This is even the case when reissuing or renewing your certificate.
Recommended: Save time by using our Keytool CSR Wizard. Enter the requested information, click Generate, and then paste the command you will be provided with into your terminal.
If you prefer to use your own keytool commands to generate your CSR, follow the instructions below:
Create a Keystore File
Using keytool, enter the following:
keytool -genkey -alias server -keyalg RSA -keystore your_domain.jks
'your_domain' in the command above should be the name of the domain you are securing. If you are ordering a Wildcard Certificate, do not include the * in the filename as it is not a valid filename character.
You will be prompted to enter the information for your certificate.
Please note: When prompted for the first and last name, DO NOT enter your first and last name. Instead, enter the name to which the certificate is being issued (e.g., www.yourdomain.com, mail.yourdomain.com, *.yourdomain.com).
When prompted, enter 'y' or 'yes' to confirm. You will next be asked for a password. You will need to use this same password when generating a CSR and importing your certificates.
Generate a CSR from Your New Keystore
Use keytool to create a Certificate Signing Request from your keystore:
keytool -certreq -alias server -keyalg RSA -file your_domain.csr -keystore your_domain.jks
Again, 'your_domain' is the name of the domain you are securing. (without the * character if you are ordering a Wildcard Certificate).
Enter the keystore password.
Your CSR file should now have been created. Open the your_domain.csr file with a text editor and copy and paste the entire body of that file (including the BEGIN and END tags) into the online order form.