Certificate Signing Requests

Before creating the certificate signing request (CSR), you must meet certain requirements.

In both the RealPresence Web Suite Services Portal and RealPresence Web Suite Experience Portal, you can create a CSR to send to a third-party CA for a digital signature. The portals automatically put their FQDN into the CSR CN field. The CSRs also include the SAN field, which allows you to specify additional names (such as the portal IP address) for which the resulting certificate is valid.

Note: The private key associated with a CSR is stored only on the portal that generated the CSR and cannot be exported.

The CA-signed certificate obtained from a RealPresence Web Suite Services Portal CSR cannot be used for the RealPresence Web Suite Experience Portal even if the RealPresence Web Suite Experience Portal FQDN is included in the SAN field. To use a single certificate for both portals, create the CSR in a third-party tool that makes the private key available, and submit that CSR to your CA. Upload the private key first and then the associated CA-signed certificate to both portals.

From your CA, obtain public key certificates for your servers and the intermediate and root certificates necessary for the certificate chain to have a complete path to the CA root certificate. All certificates must be in PEM format (Base64-encoded ASCII text). DER (binary format) certificates are not supported. If your CA provides the complete certificate chain in a single file, it must be a PEM-format P7B file (PKCS #7 protocol), not a DER-format PFX file (PKCS #12 protocol).

After obtaining the certificates, you can upload them to the portals.

Note: Before completing the following procedure, ensure that a new self-signed certificate or CSR is required. Generating a new self-signed certificate or a CSR overwrites the previous one.