CSR-Sybase Manage Anywhere Studio (Using Microsoft IIS 5.0)

To generate a CSR, you first need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match your private key. You will have to request a new SSL Certificate and may be charged.

The CSR needs to contain the following attributes:

- Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
- State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California.
- Locality or City (L): The Locality field is the city or town name, for example: Berkeley.
- Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corportation or XY and Z Corportation.
- Organizational Unit (OU): This field is the name of the department or organization unit making the request.
- Common Name (CN): The Common Name is the Host + Domain Name. It looks like “www.company.com” or “company.com”.

Note: VeriSign certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain “domain.com” will receive a warning if accessing a site named “www.domain.com” or “secure.domain.com”, because “www.domain.com” and “secure.domain.com” are different from “domain.com”.

VeriSign recommends that you contact Sybase for additional information.
Generate a Private Key Pair

1. Under Administrative Tools, open Internet Services Manager.
2. Open the Properties window by right-clicking on the name of the Web site you wish to secure.
3. Click the Directory Security tab.
4. Click Server Certificate in the Secure communications section. If you have not used this option before the Edit button will not be active.
5. Select Create a new certificate
6. Select Prepare the request now, but send it later. VeriSign only accepts CSRs through the enrollment process forms. We do not accept CSRs over email.
7. Complete the information requested by the IIS Certificate Wizard to create a private key that is stored locally on your server and a public key (the Certificate Signing Request) that you will use during the enrollment process. You have successfully generated a CSR file. See Terms Defined if you have questions about any of the information requested.
8. Click Finish to exit the IIS Certificate Wizard. A CSR file has been generated.
9. Go to the enrollment form and paste the information into the form when prompted for the CSR.

Note: For Extended Validation certificates the key bit length must be 2048.