Certificate Signing Request (CSR) is the intermediate form of SSL certificate that enables a Certificate Authority (CA) to generate a signed SSL certificate and verify the identity of a domain’s owner. A CSR has encoded a file that provides you with a standardized way to send us your public key along with some information that identifies your company and domain name.
Install Required Packages:
First, we need to install the required packages. If the required packages are already installed then ignore this step.
# yum install openssl mod_ssl
Generate Private Key:
Before generating the CSR we need to generate the private key file. Run the below command to generate the key.
# openssl genrsa -out maddy.com 2048
Generating RSA private key, 2048 bit long modulus
…………………. …….. …….++++++
………………………… … … .. ++++++
e is 61764 (0x01001)
Enter passphrase for www.maddy.com.key:
Verifying – Enter pass phrase for www.techoism.com.key:
Generate a Certificate Signing Request (CSR):
After generating the private key, next you need to generate CSR using the above key. The command will ask some information regarding the domain.
# openssl req -new -key maddy.com.key -out maddy.com.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields, there will be a default value,
If you enter ‘.’, the field will be left blank.
Country Name (2 letter code) [XX]:IN
State or Province Name (full name) :Bangalore
Locality Name (eg, city) [Default City]:Bangalore
Organization Name (eg, company) [Default Company Ltd]:Maddy.com.
Organizational Unit Name (eg, section) :BLOGSITE
Common Name (eg, your name or your server’s hostname) :maddy.com
Email Address :email@example.com
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password :
An optional company name :
You can also create the private key and CSR file using single command. The command first generate the private key then it will generate the CSR.
# openssl req -new -newkey rsa:2048 -nodes -keyout www.maddy.com.key -out www.maddy.com.csr
Now CSR has been generated successfully, use this file to order the SSL certificate.