Home » Categories » Linux

Open SSL Creating Certificate Signing Request — CSR Generation

Article Number: 498 | Rating: Unrated | Last Updated: Mon, Feb 18, 2019 4:52 PM

A Certificate Authority will use a CSR to create your SSL certificate.

What is a CSR? A CSR or ‘Certificate Signing Request’ is a block of encrypted text, that is generated on the server that the certificate will be used on.

It contains information that will be included in your certificate, such as your organization name, common name (domain name), locality, and country. It also contains the public key that will be included in your certificate.

Run these OpenSSL commands, to generate your Certificate Signing Request.

Step 1: Generate a Private Key

$ openssl genrsa -out shellhacks.com.key 2048

If you need just to renew existence certificate and you already have the private key, you can skip this step and use it, instead of generating new one.

The number 2048 is the size of the key, in bits. Today, 2048 or higher is recommended for RSA keys, as fewer amount of bits is consider insecure or to be insecure pretty soon.

Step 2: Generate the CSR

$ openssl req -new -key shellhacks.com.key -out shellhacks.com.csr

The fields, required in a Certificate Signing Request, are listed below with explanations and examples :

Distinguished Name FieldExplanationExample
Common Name The fully qualified domain name (FQDN) for your web server. This must be an exact match. If you intend to secure the URL https://www.shellhacks.com/, then your CSR’s common name must be: www.shellhacks.com
Organisation The exact legal name of your organisation. Do not abbreviate your organisation name. ShellHacks Ltd.
Organisation Unit Section of the organisation, can be left empty if this does not apply to your case. Development department
City/Locality The city where your organisation is legally located. Balham
State/County/Region The state/county/region where your organisation is legally located. Must not be abbreviated. London
Country The two-letter ISO abbreviation for your country. GB
Email address The email address used to contact your organisation. info@shellhacks.com
Posted - Mon, Feb 18, 2019 4:52 PM. This article has been viewed 1489 times.
Filed Under: Linux
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
RHEL: Extending the maximum inode count on a ext2/ext3/ext4 filesystem
Viewed 2630 times since Sun, May 27, 2018
stunnel Howto A Guide to create SSL access to a HTTP-only webserver with stunnel
Viewed 2301 times since Fri, Sep 28, 2018
Inxi – A Powerful Feature-Rich Commandline System Information Tool for Linux
Viewed 18590 times since Sat, Jun 2, 2018
SSH ProxyCommand example: Going through one host to reach another server
Viewed 12671 times since Tue, Aug 6, 2019
How To Set Up an SSL Tunnel Using Stunnel on Ubuntu
Viewed 2809 times since Fri, Sep 28, 2018
Linux Screen
Viewed 1702 times since Sat, Jun 2, 2018
Using Kerberos security with Server for NFS
Viewed 8649 times since Wed, Jun 27, 2018
8 Vim Tips And Tricks That Will Make You A Pro User
Viewed 2594 times since Fri, Apr 19, 2019
Migrate a Linux System from Red Hat Enterprise to CentOS
Viewed 9778 times since Fri, May 15, 2020
LVM: Extend SWAP size by growing existing Logical Volume
Viewed 2119 times since Sat, Jun 2, 2018