A Certificate Signing Request (CSR) for a domain is a very first step to obtain an SSL certificate, even for renewing existing Certificate. A CSR is a standardized request with information the Certificate Authority (CA) needs before issuing an SSL for you.
A CSR is composed of these three parts:
Private key
Public key
Distinguished name (organizational information)
Install OpenSSL tool (if not yet)
Windows
Download installation package from https://wiki.openssl.org/index.php/Binaries.
Double click the installation file
If the following error appears, you should install Microsoft Visuall C++ Redistributables first.
Install as instruction of installation process.
Linux
$ sudo apt update && sudo apt upgrade -y
$ sudo apt install build-essential checkinstall zlib1g-dev -y
$ cd /usr/local/src
$ sudo wget https://www.openssl.org/source/openssl-1.1.1c.tar.gz
$ sudo tar -xf openssl-1.1.1c.tar.gz
$ sudo openssl-1.1.1c
$ sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
$ sudo make
$ sudo make test
$ sudo make install
$ cd /etc/ld.so.conf.d/
$ sudo vim openssl-1.1.1c.conf
/usr/local/ssl/lib
$ sudo ldconfig -v
$ sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup
$ sudo mv /usr/bin/openssl /usr/bin/openssl.backup
$ sudo vim /etc/environment
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/ssl/bin"
$ which openssl
/usr/local/ssl/bin/openssl
$ openssl version -a
OpenSSL 1.1.1c 28 May 2019
build on: Tue Jul 2 12:40:11 2019 UTC
platform: linux-x86_64
Create a RSA Private Key and CSR
Run this command and fill some neccessary information
$ openssl req -new -newkey rsa:2048 -nodes -keyout airwallet365.com.key -out airwallet365.com.csr
To create a distinguished name, enter the following required information:
Country Name: Your two-letter country code.
State or Province Name: Full name of your state or province.
Locality Name: Full name of your city or town.
Organization Name: The name of your company or organization.
Common Name: Your Fully Qualified Domain Name (FQDN)
As an optional step, enter the following optional information:
Email Address
Challenge Password
Optional Company Name
Organizational Unit Name
Your CSR & Private key will be stored in: airwallet365.com.key and airwallet365.com.csr
You can verify entered information with command:
$ openssl req -noout -text -in airwallet365.com.csr
Now send your CSR to the CA.
Comments