VSys One: Volunteer Management Software

Generating a Certificate Signing Request (CSR)

VSys Live utilizes Apache web server and OpenSSL for providing secure communications to the site. In order for this communication to be secured, SSL (Secure Socket Layer) security certificates need to be installed. Getting an SSL certificate first requires generating a certificate signing request. For hosted clients, we'll handle that for you. If you're self-hosted, you'll need to generate a CSR and then acquire the SSL certificate.

Prerequisites

Generating the CSR requires OpenSSL be installed. This means either:

• Installing VSys Live without SSL (this installs Apache and OpenSSL for you to use), or
• Installing OpenSSL for Windows someplace appropriate on the machine.

Required Information

• Site name (this will have to match what is in VSys Live)
• Country Name (usually "US")
• State Name
• City Name
• Company Name

If the information above has errors in it, Apache may have issues with the resulting cert, or the certificate may get flagged as being fraudulent from your certificate provider. If you have questions on the information, please contact a member of your IT/IS/Network Security team and they should be able to provide you with the correct information.

Generating the CSR

1. Get to a Windows command prompt.
2. Switch to the OpenSSL directory, e.g. c:\VSysLive\Apache\bin.
3. Type openssl req -new -newkey rsa:2048 -nodes -keyout yoursitename.yourdomain.key -out yoursitename.yourdomain.csr -config c:\VSysLive\Apache\conf\openssl.cnf
   where yoursitename.yourdomain is your site's name, e.g. volunteers.vsysone.com, and referencing the folder where OpenSSL's .cnf file is located.
   
4. Enter the appropriate values for Country Name (2 letter code), State or Province Name (full name), Locality Name (e.g. city), Organization Name (e.g. company), Organizational Unit Name (e.g. section), Common Name (this will be the full site name of your VSys Live site), Email Address (this is optional and can be left blank). There are additional, "extra" attributes that can be sent with the certificate request that are optional and are usually skipped by leaving them blank.
5. After hitting enter again, two files will be created for you.
   
   

The generated .csr is for the CSR request to be sent to your SSL certificate provider.
The .key will be the key file is used in your VSys Live installation along with the files sent by your SSL certificate provider.

Never associate a passphrase with the CSR; VSys Live cannot use an SSL certificate that's associated with a passphrase.