Exporting a Certificate Signing Request (CSR) File

This section describes how to export a certificate request file. After signing the file, you can import a new certificate.

Context

Only super administrators can export certificate request files.

Procedure

  1. Choose Settings > Certificate > Certificate Management.
  2. Select a desired certificate and click Export Request File.

    The Export Request File page is displayed on the right.

    Request files cannot be exported for SSO security certificate, DSwareTool security certificate, Object storage service maintenance API security certificate, Internal KMS certificate, Grafana service security certificate, and IAM security certificate.

  3. Select a certificate key algorithm from the Certificate Key Algorithm drop-down list to encrypt the request file to be exported.
  4. Select Advanced in the upper right corner and set advanced parameters for exporting the certificate request file.

    Table 1 describes related parameters.

    Table 1 Advanced request file parameters

    Parameter

    Description

    Country

    Value of the country parameter in the subject field when a CSR file is generated.

    State or Province

    Value of the state or province name parameter in the subject field when a CSR file is generated.

    City or Locality

    Value of the locality parameter in the subject field when a CSR file is generated.

    Organization

    Value of the organization parameter in the subject field when a CSR file is generated.

    Organization Unit

    Value of the organizational unit parameter in the subject field when a CSR file is generated.

    Common Name

    Value of the common name parameter in the subject field when a CSR file is generated.

    NOTE:

    If the exported certificate is Object storage service security certificate, the value of common name in the subject field is the global domain name of the object storage service.

    Subject Alternative Name

    Subject Alternative Name (SAN) is an extensible field (defined in the SSL standard X.509) during CSR file generation. The SSL certificate that uses the Subject Alternative Name field can extend the domain names supported by the certificate so that one certificate can support the resolution of multiple domain names. In the scenario where multiple clusters are deployed for the object service, you can configure global, region, and cluster domain names at the same time, or use wildcards (*). Use commas (,) to separate multiple domain names.

  5. Click OK.
Parent topic: Managing Certificates