Home / Tutorials / How to Generate the CSR on Red Hat Linux

How to Generate a CSR on Red Hat Linux?

In this tutorial, we will show you how to generate a CSR on an Red Hat Linux.

Just follow the steps below:

Step 1: Make sure you have the Open SSL utility installed

It should come pre-installed in your system, but if you don’t have it, run the following command:

$ sudo yum install openssl

Step 2: generate your CSR and private key

Ttype the following command:

$ openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.csr

Note: replace the example.com with your actual domain name.

Step 3: Enter your information into the CSR

Please, use only alphanumeric characters when entering your details

  • Country Name: enter the two-letter code of your country.
  • State or Province Name: type the full name of the state or region where your company is registered
  • Locality Name: specify the name of the city or town where your business is located
  • Organization Name: enter the officially registered name of your company. For instance, GPI Holding LLC. For Domain Validation certificates, you can put in NA instead
  • Organization Unit Name: it’s usually IT or Web Administration. You can sue NA for DV certificates
  • Common Name: enter the Fully Qualified Domain Name (FQDN) you want to secure. For example, yourdomain.com. If you want to install a wildcard certificate, add an asterisk in front of your domain name (e.g. *.yourdomain.com)
  • Email Address: provide a valid email address
  • A challenge password: leave blank
  • An Optional Company Name: leave blank

The OpenSSL utility will instantly create two files:

  • .key containing your private key (you will need it later during SSL installation)
  • .csr containing your CSR code (you will need it when applying for your SSL certificate)

Open the yourdomain.csr file with a text editor of your choice, and copy-paste its content including the —–BEGIN CERTIFICATE REQUEST—– and footer —–END CERTIFICATE REQUEST—– tags during your order process with your SSL vendor.