In this step-by-step tutorial, we will show you how you can generate a CSR on Apache.
Just follow the steps below.
Step 1: Connect via Secure Shell (SSH) to your server’s terminal
Step 2: Create the private key and CSR files
Type the following command at the prompt:
openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
Don’t forget to replace yourdomain with your real domain name. For example, if your domain is ssldragon.com, you type ssldragon,key and ssldragoin.csr
Step 4: Provide up-to-date details about your company to the CA
Include the following information into the CSR. Please, use only alphanumeric characters when entering your details.
- Country Name: enter the two-letter code of your country. If you have a Business Validation or Extended Validation certificate, make sure the country you submit, is the official residence of your organization
- State or Province Name: type the full name of the state or region where your company is registered
- Locality Name: specify the name of the city or town where your business is located
- Organization Name: enter the officially registered name of your company. For instance, GPI Holding LLC. For Domain Validation certificates, you can put in NA instead
- Organization Unit Name: it’s usually IT or Web Administration. You can sue NA for DV certificates
- Common Name: specify the Fully Qualified Domain Name (FQDN) to which you want to assign your SSL certificate. For example, ssldragon.com. If you want to activate a wildcard certificate, add an asterisk in front of your domain name (e.g. *.ssldragon.com)
- Email Address: provide a valid email address
Note: Next attributes are optional. If you don’t want to fill them in input a dot (.) to leave them blank.
- A challenge password: this is an obsolete attribute, no longer required by the Certificate Authorities. To avoid any confusion, leave this field blank
- An Optional Company Name: If your official company name seems too long or complex, you can enter a shorter name or your brand name here. Again, to avoid confusion, we recommend ignoring this field
Step 3: The OpenSSL utility will instantly create two files.
- key containing your private key (you will need it later during SSL installation)
- csr incorporating your CSR code (you will need it when applying for your SSL certificate)