Create new certificate request

This option creates a certificate request using either RSA or DSA encryption for the public and private keys. The certificate request is exported to a file in Base64 format. This file can then be sent to a certification authority for processing.

For key databases:: The label has a maximum length of 127 characters and is used to reference the certificate in the request database. The label is also used when the certificate is received, so it must be unique in both the request and key databases. It must consist of characters that can be represented as 7-bit ASCII characters (letters, numbers, and punctuation) in the ISO8859-1 code page.
For tokens:: The label has a maximum length of 32 characters and is used to reference the certificate request. The label is also used when the certificate is received, so it must be unique in the token. It must consist of characters that can be represented in the IBM1047 code page.

The subject name and one or more subject alternate names can be specified for the new certificate. The subject name is always an X.500 directory name while a subject alternate name can be an X.500 directory name, a domain name, an email address, an IP address, or a uniform resource identifier. An X.500 directory name consists of common name, organization, and country attributes with optional organizational unit, city/locality, and state/province attributes. A domain name is one or more tokens that are separated by periods. An email address consists of a user name and a domain name that is separated by '@'. An IP address is an IPv4 address (nnn.nnn.nnn.nnn) or an IPv6 address (nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn). A uniform resource identifier consists of a scheme name, a domain name, and a scheme-specific portion (for example:

http://www.endicott.ibm.com/main.html