Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!

Author Topic: How to Generate a Certificate Signing Request (CSR) with OpenSSL  (Read 2438 times)

0 Members and 1 Guest are viewing this topic.

sachinj

  • Guest
How to Generate a Certificate Signing Request (CSR) with OpenSSL
===========================================================================

OpenSSL is a common utility used to generate a pair of private key and public Certificate Signing Request (CSR) for Apache web servers.

1. Login to your Linux machine via SSH and type the following command. While issuing the command, don't forget to replace your-domain-name with your actual domain name.

Code: [Select]
openssl req -new -newkey rsa:2048 -nodes -keyout your-domain-name.key -out your-domain-name.csr
2. This command will generate two files, Private-Key file for the decryption of the SSL Certificate and Certificate Signing Request (CSR) file. You will now be asked to enter following information to generate the CSR key.

>  Common Name: Enter the Fully Qualified Domain Name of your website. When you generate a CSR key for Wildcard SSL, common name must start with * (asterisk). For Example, *.your-domain-name.com.
 > Organization: Enter the legal/registered name of your organization.
> Organization Unit: Enter  exact section of your organization, if applicable.
> City or Locality: Enter name of the city where your organization is registered. Do not abbreviate it.
> State or Province: Enter name of the state or province where your company is located. Do not abbreviate it.
> Country: Enter two letter ISO (International Organization for Standardization) abbreviation for your country.

3. Once the necessary information is filled up, you will get your-domain-name.csr and your-domain-name.key files in the folder where the command was run. Open your-domain-name.csr file with a text-editor. Copy CSR key and paste in SSL certificate request page. Similarly, open your-domain-name.key file to get a private key.

Thank's  :)
===========================================================================