---------------PART 1: GENERATING A CSR-------------------
# Generating a Certificate Signing Request (CSR)

1. SSH to your PC ie. ssh sysadm@hostX.ws.nsrc.org

2. Change directory to your home folder

> cd ~

3. Create a new directory and switch to it

> mkdir conf
> cd conf

4. Generate CSR
	a ) Check if openssl is installed
		> dpkg -l | grep openssl
		
	The above command should return something like openssl-0.9.8e-7.el5 openssl-0.9.8e-7.el5 openssl-devel-0.9.8e-7.el5
	or else execute the following:
	
		> apt-get install openssl openssl-devel

	b ) Generate the RSA key

		> openssl genrsa -out hostX.ws.nsrc.org.key 2048

	c ) Create a CSR

		> openssl req -new -sha256 -key hostX.ws.nsrc.org.key -out hostX.ws.nsrc.org.csr

	## ! IMPORTANT: ENTER THE INFORMATION TO BE DISPLAYED ON THE CERTIFICATE
	
	--> Common Name: 	hostX.ws.nsrc.org
	--> Organization: 	Host X
	--> Organization Unit: 	HX
	--> City: 		Nairobi
	--> State or Province: 	Nairobi
	--> Country: 		Kenya

5. Verify your CSR

> openssl req -noout -text -in hostX.ws.nsrc.org.csr


---------- PART 2: DOWNLOADING YOUR SSL CERTIFICATE---------------

# Downloading Certificate from CA.
# Ensure you have your CSR ready for upload or copy pasting

1. Open URL http://ca-gen.kenet.or.ke/ on your browser

2. Visit the 'Create Certificate from CSR' link

Enter your Username and password as follows:

username: hostX
password: hostX

Paste/Upload your CSR

and click SUBMIT

3. Download and save the certificate on your computer

4. Now we are going to copy the certificate to our server using

> scp hostXwsnsrcorg.pem sysadm@hostX.ws.nsrc.org:~/conf

OR Copy and Paste

---------- PART 4: INSTALLING CA CERTIFICATE ON BROWSER TO BUILD TRUST----

1. Open URL http://crt.ca.kenet.or.ke/KENETCA.crt in your browser
   
    Check all the options and click OK