The following lesson will guide you through the CSR generation process on Apache OpenSSL.
What is CSR?
A Certificate Signing Request (CSR code) is a block of encoded text that contains the information about the organization that applies for an SSL certificate, and the domain that needs to be secured. A CSR is what you give to the Certificate Authority to generate your SSL certificate. It is an essential part of obtaining an SSL certificate.
Generate a CSR for Apache OpenSSL
- Log in to your server’s terminal, via Secure Shell (SSH).
- Generate a private key and CSR by running the following command:
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
Note: Replace “server ” with the domain name you intend to secure.
- Enter the following CSR details as follows:
- Common Name: domain.tld (Use the actual certificate domain).
- Organization: Organization name
- Organization Unit (OU): IT Department
- City or Locality: Tripoli
- State or Province: Tripoli
- Country: LY
- Locate and open the newly created CSR in a text editor such as Notepad and copy all the text (including BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST) to use it for SSL generation.