This article explains how to create a Certificate Signing Request (CSR) for an SSL certificate and then import the certificate to Encryption Management Server.
Services such as clustering and Web Email Protection use the TLS protocol and require a server TLS certificate which includes the host name for the IP address of the server on which the service is running. To issue a certificate, the Certificate Authority needs information found in a certificate request (CSR).
There are four stages to this process:
Symantec Encryption Management Server 3.4.2 and above.
Before you import the server certificate, you must ensure that Encryption Management Server trusts the certificates in the server certificate's issuing chain or certification path. Every server certificate has an issuing chain of certificates. Generally, the Certificate Authority will send you these certificates or direct you to a web site from where you can download them. There is always a root certificate in the issuing chain and at least one intermediate certificate. To ensure that Encryption Management server trusts them please do the following: