Log In    |    Knowledge Base    |    4D Home
Tech Tip: How to avoid generating incompatible private keys and certificates
PRODUCT: 4D Business Kit | VERSION: 1.0 | PLATFORM: Mac & Win
Published On: December 13, 2002

The steps for generating a certificate usually require a waiting period for the certificate authority to process your application and to issue you a certificate. Here is a tech tip to prevent you from creating incompatible private keys and certificates using 4D Business Kit. The general rule is that you don't want to go through the "Creating a SSL certificate" procedure more than once for any given certificate.

A common misconception is, if you enter all the information in the fields the same as last time, the CSR would be the same. This however, is not the case. The private key and CSR that is created each time is generated via an algorithm. Each time this algorithm is executed, a new set of private key and CSR will be created. If you use this tool again, even by re-entering all the same information and clicking on the button that indicates the type of encryption again, you will generate a new set of private key and CSR. The new set will have absolutely nothing in common with your previous set. If you used the old CSR to obtain your certificate, you will need the old private key to decode that certificate. A newly generated private will not be able to decode a certificate from a previous CSR.

Follow the directions below to make sure you generate a compatible pair of private key and certificate.

  1. Launch 4DBK, proceed to the Tools menu and select "Generate a SSL certificate".
  2. Enter the information related to Certificate Identity.
  3. Select type of encryption: 40 or 128 bits.
  4. The private key and the certificate request (CSR) are then generated.
  5. Copy the private key into a file and name it key.pem. This file has to replace the one provided by default in the 4DBK folder (The key.pem file should reside on same level as the 4DBK application).
  6. Copy the certificate request (CSR) into a temporary file, give it any name you wish.
  7. Close the "Generate a SSL certificate" window without saving anything. You have all the relevant information stored in the 2 files created in steps 5 and 6.
  8. Go to the certificate authority site of your choice and copy the certificate request in your temp file and paste it in the appropriate place. Continue with your application for a certificate from that certificate authority. You normally would have to wait a day or so for your application to process. In this case, you can close any 4DBK related application if necessary.
  9. When you receive the certificate, copy and save it in a file named cert.pem. This file has to replace the one provided by default in the 4DBK folder (The cert.pem file should reside on same level as the 4DBK application).
  10. Launch your 4DBK application. You should now be able to make https connections to your 4DBK Server.