1. Enter the Stronghold Configuration Manager.

2. Select New Key Generation to create a new key file.

3. Enter key size (either 512 or 1024 bits) and follow instructions for generating the random data. 1024 bits is the recommended key size.
   
   **** Note: The encryption key size (512 bit, 1024 bit) has nothing to do with the actual session key (128 bit, 40 bit)

4. When creating a CSR you must follow these conventions.
   Enter the Distinguished Name Field information.
   The following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?. &

   Distinguished Name Fields	Explanation	Example
   Country Name	The two-letter ISO abbreviation for your country.	US = United States
   State or Province Name	The state or province where your organization is located. Can not be abbreviated.	Georgia
   City or Locality	The city where your organization is located.	Atlanta
   Company (Organization) Name	The exact legal name of your organization. Do not abbreviate your organization name.	My Company, Inc
   Organizational Unit	Optional for additional organizational information.	Marketing
   Common Name (Server Host Name)	The fully qualified domain name for your web server. You will get a certificate name check warning if this is not an exact match.	If you intend to secure the URL https://secure.mydomain.com, then your CSR's Server Hostname must be secure.mydomain.com
   Server Administration email address (if applicable)	Your email address	abc@mydomain.com

5. The key pair will be generated and saved in the file: strongholdserverroot/private/hostname.key.
   
   example: /usr/local/stronghold/private/www.something.com.key

6. Edit this file to extract the CSR data and complete the online enrollment at RapidSSL.com. This is the text beginning with "-----BEGIN NEW CERTIFICATE REQUEST-----" up to and including the text "-----END NEW CERTIFICATE REQUEST-----".

Note: See also C2Net's documentation on key generation and installation instructions for both STRONGHOLD 2.3 and STRONGHOLD 2.4.x .