top of page

Request New/Renew your SSL Certificate with generated CSR and Private Key

A Certificate Signing Request (CSR) for a domain is a very first step to obtain an SSL certificate, even for renewing existing Certificate. A CSR is a standardized request with information the Certificate Authority (CA) needs before issuing an SSL for you.

A CSR is composed of these three parts:

  • Private key

  • Public key

  • Distinguished name (organizational information)

Install OpenSSL tool (if not yet)


  1. Download installation package from

  2. Double click the installation file

  3. If the following error appears, you should install Microsoft Visuall C++ Redistributables first.

  4. Install as instruction of installation process.


$ sudo apt update && sudo apt upgrade -y
$ sudo apt install build-essential checkinstall zlib1g-dev -y
$ cd /usr/local/src
$ sudo wget
$ sudo tar -xf openssl-1.1.1c.tar.gz
$ sudo openssl-1.1.1c
$ sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
$ sudo make
$ sudo make test
$ sudo make install
$ cd /etc/
$ sudo vim openssl-1.1.1c.conf


$ sudo ldconfig -v
$ sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup
$ sudo mv /usr/bin/openssl /usr/bin/openssl.backup
$ sudo vim /etc/environment


$ which openssl


$ openssl version -a

OpenSSL 1.1.1c 28 May 2019
build on: Tue Jul 2 12:40:11 2019 UTC
platform: linux-x86_64

Create a RSA Private Key and CSR

Run this command and fill some neccessary information

$ openssl req -new -newkey rsa:2048 -nodes -keyout -out

To create a distinguished name, enter the following required information:

  • Country Name: Your two-letter country code.

  • State or Province Name: Full name of your state or province.

  • Locality Name: Full name of your city or town.

  • Organization Name: The name of your company or organization.

  • Common Name: Your Fully Qualified Domain Name (FQDN)

As an optional step, enter the following optional information:

  • Email Address

  • Challenge Password

  • Optional Company Name

  • Organizational Unit Name

Your CSR & Private key will be stored in: and

You can verify entered information with command:

$ openssl req -noout -text -in

Now send your CSR to the CA.

89 views0 comments


Betygsatt till 0 av 5 stjärnor.
Inga omdömen ännu

Lägg till ett betyg
Stationary photo

Be the first to know

Subscribe to our newsletter to receive news and updates.

Thanks for submitting!

Follow us
bottom of page