How to Generate a CSR on Postfix?
In this tutorial, we will show you how to generate a CSR on Postfix.
Since Postfix doesn’t encrypt individual emails, but the communication between clients and servers, the optimal way to generate a CSR is via the OpenSSL utility. It should already be installed on your server, but if it isn’t, you can also download OpenSSL.
Please, follow the steps below to create your CSR:
Run the following command:
openssl req -new -newkey rsa:2048 -nodes -out certreq.txt -keyout private.key
In the OpenSSL wizard, enter your contact information:
- Country Name: specify the two-letter code of your country. For instance, US or UK.
- State or Province: name the state where your company is located. For example, Georgia
- Locality: enter the city where your company is registered. For example, Atlanta
- Organization Name: write the full legal name of your company. For instance, You Company LLC
- Organizational Unit: enter the name of the department within your company requesting the SSL certificate. It could be IT or Web Administration
- Common Name: specify the FQDN (fully-qualified domain name) you want to secure with an SSL Certificate. For example, yoursite.com
- Email address: provide a valid email address
- Challenge password: you can leave this field blank
- An optional company name: you can leave this field blank
The OpenSSL utility will now generate and store your CSR and private key files on your server.
During the order process with your SSL vendor, you will have to open the CSR file and copy-paste the whole text into the corresponding box. Use any text editor such as Notepad to open the CSR code.