Home / Tutorials / How to Generate a CSR / How to Generating CSR on Heroku

How to Generate a CSR on Heroku?

In this tutorial, we will show you how to generate a CSR on Heroku.

Since you can’t generate a CSR code directly on Heroku, you have two alternative options. You can use our CSR Generator tool, and it will automatically create the CSR and private key, based on your information. Or, you can generate the CSR on your local environment using OpnSSL, a built-in utility in Apache and Nginx servers.

If you decide on the OpenSSL option, please follow the steps below:

At the prompt, run the following command:

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

Replace “server” with the domain name you want to secure.

The command will initiate the CSR and private key generation.

Now, you’ll be prompted to fill in all the required fields. Use the examples below as a reference:

  • Common Name – type the Fully Qualified Domain Name (FQDN) you want to protect. For instance, ssldragon.com
    Note: If you’re generating a CSR for a wildcard certificate, add an asterisk in front of your domain name. For example, *.ssldragon.com.
  • Country – enter the two-letter country code. If you’re registering an organization, make sure to provide the country of its legal origin. (e.g. US)
  • State or Province – specify the state or region where your company is legally located (e.g. Nevada)
  • City – name the city where your business is legally registered (e.g. Las Vegas)
  • Organization – submit the legal name your organization. For instance, GPI Holding LLC. For Domain Validation Certificates, submit NA
  • Organizational Unit – specify the department in charge of SSL management. For example, IT. If you have a DV certificate, enter NA
  • E-mail address – provide a valid email address

Once you’ve completed all the required information, you should have your CSR code (.csr file) and private key (.key file) in the folder when you ran the command

Next, open the .csr file with any text editor and copy the whole text, including the —–BEGIN NEW CERTIFICATE REQUEST—– and —–END NEW CERTIFICATE REQUEST—– tags (you can use ctrl + a hotkey to select the entire text) and paste it during your SSL order process with SSL Dragon.

Back up the .key file. You will need it during the SSL installation.

Now, you have to wait until the CA verifies and validates your SSL request. Depending on the type of certificate, the process may take between a couple of minutes and 7 business days. Once you’ve received the certificate files in your inbox, you can install the SSL certificate on Heroku.