Certificate signing requests are described in PKCS#10 standard. They are used to supply a Certification Authority with the needed information to issue a valid certificate without knowing the private key. This includes personal information, they public key and additional extensions.
Netscape SPKAC files can not be created or exported, but they can be imported and signed. This requests are marked in the Signature field as SPKAC and a Netscape icon is shown.
It is not necessary to generate a request prior to signing it by your CA or before self-signing it. Simply start generating the certificate directly. People using the OpenSSL command line tools, are used to generate a request with "openssl req -new ..." and then signing it . This is not necessary with XCA.
After clicking on the
New Request button the Certificate dialog will be started to ask
all needed information for generating a new Request. See:
The Certificate input dialog
The request generation can also be invoked by the context menu of a certificate (Export->Request). This menu point is only available if the private key of the certificate is available. In this case all needed data is copied from the certificate and the Certificate dialog is not invoked.
Requests can be exported by the context-menu or by the button on the right.
A request transformation creates a new database entry based on the selected request
All information contained in the request are shown. If the keystore contains
the private key corresponding to the request the keys internal name is shown