In this tutorial, we will show you how to generate a CSR on NGINX.
We are going to use the OpenSSL utility to create your CSR code for NGINX. Please, follow the steps below:
Step 1: Connect to your server’s terminal
Use the Secure Shell (SSH) to connect to the terminal.
Step 2: Initiate the CSR creation
At the prompt, run the following command:
openssl req -new -newkey rsa:2048 -nodes -keyout example.key -out example.csr
Replace example with your actual domain name. For instance, if you want to secure www.yourdomain.com, enter yourdomain.key and yourdomain.csr
Step 3: Fill in your info
Submit the required details into the CSR. Fill in the fields as shown below:
- Country Name: specify the two-letter country code where your organization is legally registered. (e.g. US)
- State or Province Name: here you must enter the full name of the state or region where your organization is legally located (e.g. Georgia)
- Locality Name: enter the full name of the city where your business is registered
- Organization Name: indicate the legal name of your organization. (e.g. GPI Holding LLC)
- Organization Unit Name: type the name of the department dealing with the SSL Certificates (e.g. IT)
- Common Name: enter the FQDN (Fully Qualified Domain Name) that you want to secure. (e.g. yourdomain.com)
Note: For Wildcard certificate, include an asterisk in front of the domain name (e.g. *.yourdomain.com).
- Email Address: type a valid email address
- The Challenge Password and Optional Company Name attributes are optional. To avoid confusing, we recommend leaving these fields blank
Once you’ve filled in the fields above, the OpenSSL utility will generate the CSR code and private key files.