Knowledgebase
Apple Mac OS X Server Print this Article
CSR is generated in 2 steps.
I. Private key generation
1. Log into server and open the Terminal application.
2. At the prompt type commands from below and press return after each one:
cd
openssl md5 * > rand.dat
openssl genrsa -rand rand.dat -des 2048 > key.pem
3. At the next prompt type a password and return again. The password unlocks server's certificate key. You will need it after enabled SSL on server.
4. Create a directory ssl.key, if it does not exist on the server:
/etc/httpd/ssl.key5. Copy a key.pem to ssl.key directory and change the name on server.key.
II. CSR file creation
1. At the prompt type the following command and press return:
openssl req -new -key key.pem -out csr.pem
2. Enter the following information:
Country: enter two-letter country code, e.g. UK,
State: state or province where organization operates,
Locality: town or city,
Organization Name: full name of company,
Organization Unit: division which is responsible for SSL,
Common Name: fully qualified domain name you want to secure,
E-mail address: contact mail.
The file csr.pem is generated from the data you provided.
3. You can open it with text editor. CSR is necessary to issue a SSL certificate.
I. Private key generation
1. Log into server and open the Terminal application.
2. At the prompt type commands from below and press return after each one:
cd
openssl md5 * > rand.dat
openssl genrsa -rand rand.dat -des 2048 > key.pem
3. At the next prompt type a password and return again. The password unlocks server's certificate key. You will need it after enabled SSL on server.
4. Create a directory ssl.key, if it does not exist on the server:
/etc/httpd/ssl.key5. Copy a key.pem to ssl.key directory and change the name on server.key.
II. CSR file creation
1. At the prompt type the following command and press return:
openssl req -new -key key.pem -out csr.pem
2. Enter the following information:
Country: enter two-letter country code, e.g. UK,
State: state or province where organization operates,
Locality: town or city,
Organization Name: full name of company,
Organization Unit: division which is responsible for SSL,
Common Name: fully qualified domain name you want to secure,
E-mail address: contact mail.
The file csr.pem is generated from the data you provided.
3. You can open it with text editor. CSR is necessary to issue a SSL certificate.
Was this answer helpful?
Related Articles
What is CSR and who needs it?
A Certificate Signing Request is a text generated on the server that is used to create your SSL...
A Certificate Signing Request is a text generated on the server that is used to create your SSL...
Apache/OpenSSL
To generate a pair of private key and public Certificate Signing Request (CSR) for a webserver,...
To generate a pair of private key and public Certificate Signing Request (CSR) for a webserver,...
Apache (with mod_ssl)
Installing SSL certificate on Apache with mod_ssl To install certificate you need 2...
Installing SSL certificate on Apache with mod_ssl To install certificate you need 2...
Apache (Multi-Domain version)
To generate CSR file which includes more than one Fully Qualified Domain Name, you need to...
To generate CSR file which includes more than one Fully Qualified Domain Name, you need to...
Barracuda SSL VPN
Generating a Certificate Signing Request for Barracuda VPNFrom the appliance web interface,...
Generating a Certificate Signing Request for Barracuda VPNFrom the appliance web interface,...