top of page

Request New/Renew your SSL Certificate with generated CSR and Private Key



A Certificate Signing Request (CSR) for a domain is a very first step to obtain an SSL certificate, even for renewing existing Certificate. A CSR is a standardized request with information the Certificate Authority (CA) needs before issuing an SSL for you.

A CSR is composed of these three parts:

  • Private key

  • Public key

  • Distinguished name (organizational information)



Install OpenSSL tool (if not yet)

Windows

  1. Download installation package from https://wiki.openssl.org/index.php/Binaries.

  2. Double click the installation file

  3. If the following error appears, you should install Microsoft Visuall C++ Redistributables first.

  4. Install as instruction of installation process.

Linux

$ sudo apt update && sudo apt upgrade -y
$ sudo apt install build-essential checkinstall zlib1g-dev -y
$ cd /usr/local/src
$ sudo wget https://www.openssl.org/source/openssl-1.1.1c.tar.gz
$ sudo tar -xf openssl-1.1.1c.tar.gz
$ sudo openssl-1.1.1c
$ sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
$ sudo make
$ sudo make test
$ sudo make install
$ cd /etc/ld.so.conf.d/
$ sudo vim openssl-1.1.1c.conf

/usr/local/ssl/lib

$ sudo ldconfig -v
$ sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup
$ sudo mv /usr/bin/openssl /usr/bin/openssl.backup
$ sudo vim /etc/environment

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/ssl/bin"

$ which openssl

/usr/local/ssl/bin/openssl

$ openssl version -a

OpenSSL 1.1.1c 28 May 2019
build on: Tue Jul 2 12:40:11 2019 UTC
platform: linux-x86_64



Create a RSA Private Key and CSR

Run this command and fill some neccessary information

$ openssl req -new -newkey rsa:2048 -nodes -keyout airwallet365.com.key -out airwallet365.com.csr

To create a distinguished name, enter the following required information:

  • Country Name: Your two-letter country code.

  • State or Province Name: Full name of your state or province.

  • Locality Name: Full name of your city or town.

  • Organization Name: The name of your company or organization.

  • Common Name: Your Fully Qualified Domain Name (FQDN)

As an optional step, enter the following optional information:

  • Email Address

  • Challenge Password

  • Optional Company Name

  • Organizational Unit Name

Your CSR & Private key will be stored in: airwallet365.com.key and airwallet365.com.csr


You can verify entered information with command:

$ openssl req -noout -text -in airwallet365.com.csr

Now send your CSR to the CA.



89 views0 comments

Comments

Rated 0 out of 5 stars.
No ratings yet

Add a rating
Stationary photo

Be the first to know

Subscribe to our newsletter to receive news and updates.

Thanks for submitting!

Follow us
bottom of page