Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Go to Haptik Website
  • Contact Us
  • Home
  • Developer Guides
  • CIBIL integration

How to Generate the CSR Token

Written by Soham Amburle

Updated on April 19th, 2023

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Getting Started
    Build Deploy Analyse Manage Account Bot Deactivation
  • Bot Building
    Essentials Smart Skills Steps User Messages Bot Responses Entities Connections Customisations User feedback collection Testing Whatsapp Bots NLU Bot Maintenance
  • Smart Agent Chat
    Set up Admin Settings MyChats Section (Agent Inbox) Live Traffic Section Teams Section Archives Section Analytics Plans on Smart Agent Chat
  • Conversation Design
    Design Basics Design Guides Designing for Platforms Designing WhatsApp Bots
  • Developer Guides
    Code Step Integration Static Step Integration Shopify Integration SETU Integration Exotel Integration CIBIL integration Freshdesk KMS Integration PayU Integration Zendesk Guide Integration Twilio Integration Razorpay Integration LeadSquared Integration USU(Unymira) Integration Helo(VivaConnect) Integration Salesforce KMS Integration Stripe Integration PayPal Integration CleverTap Integration Fynd Integration HubSpot Integration Magento Integration WooCommerce Integration Microsoft Dynamics 365 Integration
  • Deployment
    Web SDK WhatsApp Facebook Instagram Sunshine Conversation LINE Google Business Messages Telegram MS Teams Bot as an API iOS SDK Android SDK
  • External Agent Tool Setup
    Zendesk Chat Salesforce Service Cloud Freshchat Zoho NICE CXOne Gorgias
  • Analytics & Reporting
    Intelligent Analytics
  • Notifications
    SMS Notifications Success Measurement
  • Commerce Plus
    Catalog Integration Bot Building Guide Channel Deployments Unified ML Pipeline Documentation
  • Troubleshooting Guides
    Error Messages FAQs
  • Release Notes
+ More

You would need a CRS token, for acquiring ATLAS Web Service Partner Integration Service, in order to use the "cibil_loan_recommendation" Smart Skill on your bot. 

Following are the steps involved in generating the CSR token -

Assumptions:  

  • Operating system: Red Had Enterprise Linux 6.x/7.x - Extended key usage is not configured in OpenSSL.  
  • root/sudo access is available to change the configuration files.  

Step 1: Backup /etc/pki/tls/openssl.cnf  

[root@hostname #] cd /etc/pki/tls/  
[root@hostname tls] cp -rfv openssl.cnf openssl.cnf-backup  

Step 2.1: Find the [req] section of openssl.cnf file, and modify it in order to match the following.

[ req ]  
default_bits = 1024  
default_md = sha256 
default_keyfile = privkey.pem  
distinguished_name = req_distinguished_name  
attributes = req_attributes  
x509_extensions = v3_ca # The extentions to add to the self signed cert  req_extensions = v3_req req_extensions = req_ext x509_extensions =  usr_cert  

Step 2.2: Find the [usr_cert] section of openssl.cnf file, and modify it in order to match the following.

[ usr_cert ] basicConstraints=CA:FALSE  
nsCertType = client, server, email  
keyUsage = nonRepudiation, digitalSignature, keyEncipherment extendedKeyUsage  = serverAuth, clientAuth, codeSigning, emailProtection  
nsComment = "OpenSSL Generated Certificate"  
subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer  

Step 2.3: Find [v3_req] section of openssl.cnf file, and modify it in order to match the following.

extendedKeyUsage = serverAuth, clientAuth, codeSigning, emailProtection basicConstraints  = CA:FALSE  
keyUsage = nonRepudiation, digitalSignature, keyEncipherment 

Step 2.4: Find [req_ext]section of openssl.cnf file, and modify it in order to match the following.

[ req_ext ]  
subjectAltName = @alt_names  
[alt_names]  
DNS.1 = yourAltDomain1.com  
DNS.2 = yourAltDomain3.com DNS.3  
= yourAltDomain3.com  

Step 3: Generate a private key. 

Command:

openssl genrsa -des3 -out www.domain-name.com.key 2048  
Sample--- 
[user@hostname ~]$ openssl genrsa -des3 -out www. domain-name.key 2048  
Generating RSA private key, 2048 bit long modulus  
...................+++  
.........................+++  
e is 65537 (0x10001)  

Response:

Enter a pass phrase for www.domain-name.com.key:  
Verifying - Enter pass phrase for www.domain-name.com.key:  

Delete

Note:

You need to create the pass phrase which is a password used for the private key that we are creating. It is essential for security purposes so that there are no instances of unauthorized access or manipulations done on the private key.

Step 4: Generate CSR

Command: 

openssl req -config /etc/pki/tls/openssl.cnf -new -key www. domain-name.com.key -out www.  domain-name.com.csr  
Sample--- 
[user@hostname ~]$ openssl req -config /etc/pki/tls/openssl.cnf -new -key www. domain-name.com.key  out www. domain-name.com.csr  

Response:

Enter pass phrase for www.domain-name.com.key:  

You will be asked to enter information that will be incorporated into your certificate request. It is called a Distinguished Name or a DN. There are a few fields where you need to provide data, and you can leave some blank. For some fields, there will be a default value, wherein if you enter  '.', the field will be kept blank.  

Sample:

Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:Maharashtra
Locality Name (eg, city) [Default City]: Mumbai

Organization Name (Company name): Company Ltd.
Organizational Unit Name (section): IT Support
Common Name (You can add your name or your server's hostname): www.xyz.com 
Email Address: info@xyz.com  

Please enter the following 'extra' attributes to be sent with your certificate request A
a challenge password []: 
An optional company name []:

Delete

Note: 

All the details mentioned in Step 4, are the ones that you will have to provide, and these will be added to your CSR Certificate. These are your company-specific details.


Step 5: Check CSR and ensure if the extended key usage is present.

[user@hostname ~]$ openssl req -in domainname.com.csr -text –noout  

You should be able to see something similar -

Requested Extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication, Code Signing, E-mail Protection  X509v3 Basic Constraints: 
CA:FALSE  

Delete

Note: 

Step 5 is part of a test, in order to ensure the extended key usage is present. When you are running the command, and if you get the response as stated above, you are good to go.

Step 6: Check CSR and ensure if the SAN values are present.

[user@hostname ~]$ openssl req -in domainname.com.csr -text –noout | grep DNS  

You should be able to see alternate domain names which you have provided in the openssl.cnf.

DNS: yourAltDomain1.com,
DNS: yourAltDomain2.com,
DNS: yourAltDomain3.com    

Step 7: Share this CSR with TransUnion CIBIL.  

Private Key and pass phrase are to be preserved and protected.

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • How to Set Up CIBIL Integration on Haptik Bot
  • How Does "cibil_loan_recommendation" Smart Skill Work
  • How to Generate P12 Certificate for CIBIL

Platform

  • Conversation Studio
  • Smart Skills
  • Advanced NLU
  • Intelligent Analytics
  • Omnichannel
  • Smart Agent Chat
  • Enterprise Security
  • Integrations

Solutions

  • Conversational Commerce
  • Lead Generation
  • Customer Care
  • WhatsApp
  • Conversational IVR
  • Google Business Messages

Industries

  • Retail/ E-Commerce
  • Financial Services
  • Travel & Hospitality
  • Telecom

Knowledge

  • ROI Calculator
  • Reports & Research
  • Case Studies
  • Webinars
  • ISAT
  • Tech Blog
  • Business Blog
  • Resources
  • Haptik v/s Yellow
  • Haptik v/s Liveperson
  • Haptik v/s IBM Watson
  • Haptik v/s Verloop
  • Conversations on AI

Company

  • Why Haptik
  • About Us
  • Careers
  • News & Media
  • Awards & Recognition
  • Contact Us
  • Partnerships
  • Investor Relations

Subscribe

Sign up to recieve the latest updates

Find us on

  • Twitter-footer
  • Linkedin-footer
  • YT-footer
  • Insta-footer
  • G2-footer
  • Facebook-footer

Knowledge Base Software powered by Helpjuice

Copyright © jio Haptik Technology Limited 2021 | Data Security & Privacy Policy | GDPR

North America | Asia Pacific | Africa | enterprise@haptik.ai

Definition by Author

0
0