CSR is generated in 2 steps.
I. Private key generation
1. Log into server and open the Terminal application.
2. At the prompt type commands from below and press return after each one:
cd
openssl md5 * > rand.dat
openssl genrsa -rand rand.dat -des 2048 > key.pem
3. At the next prompt type a password and return again. The password unlocks server's certificate key. You will need it after enabled SSL on server.
4. Create a directory ssl.key, if it does not exist on the server:
/etc/httpd/ssl.key5. Copy a key.pem to ssl.key directory and change the name on server.key.
II. CSR file creation
1. At the prompt type the following command and press return:
openssl req -new -key key.pem -out csr.pem
2. Enter the following information:
Country: enter two-letter country code, e.g. UK,
State: state or province where organization operates,
Locality: town or city,
Organization Name: full name of company,
Organization Unit: division which is responsible for SSL,
Common Name: fully qualified domain name you want to secure,
E-mail address: contact mail.
The file csr.pem is generated from the data you provided.
3. You can open it with text editor. CSR is necessary to issue a SSL certificate.
- 44 Users Found This Useful
Related Articles
What is CSR and who needs it?
A Certificate Signing Request is a text generated on the server that is used to create your SSL...
Apache/OpenSSL
To generate a pair of private key and public Certificate Signing Request (CSR) for a webserver,...
Apache (with mod_ssl)
Installing SSL certificate on Apache with mod_ssl To install certificate you need 2...
Apache (Multi-Domain version)
To generate CSR file which includes more than one Fully Qualified Domain Name, you need to...
Barracuda SSL VPN
Generating a Certificate Signing Request for Barracuda VPNFrom the appliance web interface,...
