Home / Tutorials / How to generate a CSR in CentOS?

How to Generate a CSR in CentOS?

In this tutorial, we will show you how to generate a CSR in CentOS 7 & 6. You can generate the CSR straight from your server.

Just follow the steps below:

Step 1: Log into your server using the secure shell (SSH)

Step2: Create the private key and CSR files

Type the following command at the prompt:

openssl req -new -newkey rsa:2048 -nodes -keyout mydomain.key -out mydomain.csr

Make sure you replace mydomain with your actual domain name. For example, if your domain name is example.com, you must enter example.key and example.csr.

Step 3: Submit details about your organization to the CA

Follow the examples below:

  • Country Name – Use the two-letter abbreviation for the country where your organization is officially registered. For example, if it is registered in the United States, enter US, if in the United Kingdom, type UK
  • State or Provence – Enter the full name of the state or province where your organization is registered
  • City or Locality –Enter the full name of the city where your organization is located
  • Organization Name – If you’re applying for a Business Validation or Extended Validation certificate, enter your company’s legal name. If you’re applying for a Domain Validation certificate, use your full name instead
  • Organizational Unit Name – Here you can enter your DBA (doing as business) name if applicable. Alternatively, you can specify the department that manages the SSL certificates. For example, IT or Web Administration
  • Common Name – Enter the fully qualified domain name (FQDN) you want to secure. (e.g. ssldragon.com)
    Note: If you’re applying for a Wildcard SSL certificate, you must add an asterisk in front of your domain name. For example, *.ssldragon.com. Do not include “https” or any other characters in this field.
  • Email address – Enter a valid email address as a means of contact for your domain
  • Password – This field is optional. You may further secure your SSL certificate with a password, or you can leave this field blank.

Your CSR code is ready! You can find it in your working directory with the ls command. The two new files are yourdomainname.csr, and yourdomainame.key.

The .csr file contains the certificate signing request that you’ll need to submit to the Certificate Authority when ordering your SSL Certificate.