top of page

Request New/Renew your SSL Certificate with generated CSR and Private Key



A Certificate Signing Request (CSR) for a domain is a very first step to obtain an SSL certificate, even for renewing existing Certificate. A CSR is a standardized request with information the Certificate Authority (CA) needs before issuing an SSL for you.

A CSR is composed of these three parts:

  • Private key

  • Public key

  • Distinguished name (organizational information)



Install OpenSSL tool (if not yet)

Windows

  1. Download installation package from https://wiki.openssl.org/index.php/Binaries.

  2. Double click the installation file

  3. If the following error appears, you should install Microsoft Visuall C++ Redistributables first.

  4. Install as instruction of installation process.

Linux

$ sudo apt update && sudo apt upgrade -y
$ sudo apt install build-essential checkinstall zlib1g-dev -y
$ cd /usr/local/src
$ sudo wget https://www.openssl.org/source/openssl-1.1.1c.tar.gz
$ sudo tar -xf openssl-1.1.1c.tar.gz
$ sudo openssl-1.1.1c
$ sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
$ sudo make
$ sudo make test
$ sudo make install
$ cd /etc/ld.so.conf.d/
$ sudo vim openssl-1.1.1c.conf

/usr/local/ssl/lib

$ sudo ldconfig -v
$ sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup
$ sudo mv /usr/bin/openssl /usr/bin/openssl.backup
$ sudo vim /etc/environment

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/ssl/bin"

$ which openssl

/usr/local/ssl/bin/openssl

$ openssl version -a

OpenSSL 1.1.1c 28 May 2019
build on: Tue Jul 2 12:40:11 2019 UTC
platform: linux-x86_64



Create a RSA Private Key and CSR

Run this command and fill some neccessary information

$ openssl req -new -newkey rsa:2048 -nodes -keyout airwallet365.com.key -out airwallet365.com.csr

To create a distinguished name, enter the following required information:

  • Country Name: Your two-letter country code.

  • State or Province Name: Full name of your state or province.

  • Locality Name: Full name of your city or town.

  • Organization Name: The name of your company or organization.

  • Common Name: Your Fully Qualified Domain Name (FQDN)

As an optional step, enter the following optional information:

  • Email Address

  • Challenge Password

  • Optional Company Name

  • Organizational Unit Name

Your CSR & Private key will be stored in: airwallet365.com.key and airwallet365.com.csr


You can verify entered information with command:

$ openssl req -noout -text -in airwallet365.com.csr

Now send your CSR to the CA.



89 views0 comments

Kommentarer

Betygsatt till 0 av 5 stjärnor.
Inga omdömen ännu

Lägg till ett betyg
Stationary photo

Be the first to know

Subscribe to our newsletter to receive news and updates.

Thanks for submitting!

Follow us
bottom of page