Create a Certificate Signing Request (CSR)

  1. Start the Grid Management Pages and log on as a member of the grid-admin role.
  2. Click Security in the top menu.
  3. Click the Identities tab.
  4. Select the HTTPS identity to create a Certificate Signing Request for on the left side tabs.
  5. Click the Update Certificate link.
  6. Click Create Signing Request.
  7. Fill in the information needed in the new certificate. The Host FQDN is required but the rest is optional depending on the deployment scenario. The Host FQDN and alternate names are pre-populated with the values of the existing SSL certificate for the identity. See Create a new HTTPS identity with a Grid-signed certificate (step 9) for more information about the alternate names.
  8. Click Create (Overwrite keys) to generate new encryption keys for the signing request. This is recommended in most scenarios. A new self-signed certificate will be in place until the CA-signed certificate is imported.

    Click Create (Reuse keys) to keep the same encryption keys for the new signing request as were used in the existing SSL certificate.

  9. Click Yes on the warning message window.
  10. Copy the Certificate Signing Request data including the start and end parts 
    -----BEGIN CERTIFICATE REQUEST-----
MII...
-----END CERTIFICATE REQUEST-----
  11. Specify the Certificate Signing Request to the Certificate Authority used to issue the certificate. Retrieve the complete chain for the certificate from the CA.