If your Apache server is running on Debian, follow the steps below to generate your CSR code on Debian:
You’ll perform the whole CSR generation process via the secure shell (SSH) protocol.
Step 1: Log into your server
Step 2: Create the CSR file and the private key for your certificate
Enter the following command at the prompt:
openssl req -new -newkey rsa:2048 -nodes -keyout mywebsite.key -out mywebsite.csr
Note: Replace mywebsite with your real domain name. For example, if your domain name is example.com, you must enter example.key and example.csr.
Step 3: Submit the required information about your company to the CA
Fill in the fields as shown below:
- Country Name – enter the two-letter country code where your organization is officially registered. For the United States, you’ll type “US”, for Canada “CA”. If you’re not sure about the abbreviation of your country, here you can find the full list of country codes.
- State or Province –type the full name of the state or province where you’re legally doing business
- City or Locality – again, provide the full name of the city where your company is located
- Organization Name – if you bought a Domain Validation certificate, enter your full name. If you purchased Business or Extended Validation SSL, enter your organization’s legal name; for example, (GPI Holding LLC)
- Organizational Unit Name – type “IT” or “Web Administration”. These departments are usually in charge of SSL management
- Common Name – here you must enter the fully qualified domain name (FQDN) you want to protect; for example, ssldragon.com
Note: For a wildcard certificate, you must include an asterisk in front of your domain name; for example, *.ssldragon.com. Do not add “https” or any other characters.
- Email Address – provide a valid email address
- A challenge password – this is an optional attribute. If you decide to create a password, write it down or make sure to remember it
- An optional company – this is another option attribute. You can add your Brand name, or leave the field blank.
Your CSR and private key files are ready. You can find them in your working directory via the