How to Create SSL Certificate Signing Request (CSR) in Linux
CSR stands for ‘Certificate Signing Request’, that is generated on the server where the certificate will be used on. A CSR contains information about to your organization and domain name, locality, and country and public key that will be included in your certificate.
- Log in to your server's terminal (SSH).
- At the prompt, type the following command:
openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
Note: Replace yourdomain with the domain name you're securing. For example, if your domain name is yourdomain.com, you would type yourdomain.com.key and yourdomain.com.csr.
- Enter the requested information:
- Common Name: The fully-qualified domain name, or URL, you're securing.
If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.yourdomain.com.
- Organization: The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor's name.
- Organization Unit: If applicable, enter the DBA (doing business as) name.
- City or Locality: Name of the city where your organization is registered/located. Do not abbreviate.
- State or Province: Name of the state or province where your organization is located. Do not abbreviate.
- Country: The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.
Note: If you do not want to enter a password for this SSL, you can leave the Passphrase field blank. However, please understand there might be additional risks.
- Open the CSR in a text editor and copy all of the text.
- Paste the full CSR into the SSL enrollment form in your account.
In order to generate CSR you required OpenSSL to be installed on your server. If it is not installed then use below command to install it.
# yum install openssl
Was this answer helpful?
Powered by WHMCompleteSolution