I need to host a web service that would accept requests over https. Therefore I need an SSL certificate issues by some Serious Certificate Company. I asked our admins - they say I have to generate some request and give it to them before they can proceed.
I'm on Windows if that matters.
What are they talking about? Where do I start?
A certificate request is a piece of the certificate signing process, which contains the public key that's associated to a new private key that your local system generates, as well as the attributes that are being requested for the new certificate. The certificate authority company will take this file and return to you a signed certificate file with your public key and the attributes that they assign to the new certificate.
For an IIS server, there's a certificate request wizard built into IIS for generating a request. If you're not using IIS or you need more granular control, you'll be looking at the
certreq
command line tool.Your folks are referring to a Certificate Signing Request.
This Microsoft KB article shows how to create one using the IIS MMC Snap-In: http://support.microsoft.com/kb/228821/en-us
Just to be sure, be aware that when you generate the request, you are also generating the private key (in fact you are generating the private key first) and thats the piece of information that will be used by your web server in combination with the certifcate you will receive. And thats the secret information that will allow you and only you (if you manage to keep it secret) to convince your users that you are the server that you claim to be.