| Previous | Next |
|---|
2. Create a new certificate signing request -- Every certificate starts with a CSR, so if you want a CSR -- perhaps to send to a commercial CA -- you could use cert.command and discard certificate.crt (signed by your own CA) and instead submit certificate.csr to another CA to be signed. cert.command also creates certificate.key, containing the private key which the CSR and eventual certificate are based on. See step 5 for more on cert.command.