Open SSL Creating Certificate Signing Request — CSR Generation

A Certificate Authority will use a CSR to create your SSL certificate.

What is a CSR? A CSR or ‘Certificate Signing Request’ is a block of encrypted text, that is generated on the server that the certificate will be used on.

It contains information that will be included in your certificate, such as your organization name, common name (domain name), locality, and country. It also contains the public key that will be included in your certificate.

Run these OpenSSL commands, to generate your Certificate Signing Request.

Step 1: Generate a Private Key

$ openssl genrsa -out shellhacks.com.key 2048

If you need just to renew existence certificate and you already have the private key, you can skip this step and use it, instead of generating new one.

The number 2048 is the size of the key, in bits. Today, 2048 or higher is recommended for RSA keys, as fewer amount of bits is consider insecure or to be insecure pretty soon.

Step 2: Generate the CSR

$ openssl req -new -key shellhacks.com.key -out shellhacks.com.csr

The fields, required in a Certificate Signing Request, are listed below with explanations and examples :

Distinguished Name FieldExplanationExample
Common Name The fully qualified domain name (FQDN) for your web server. This must be an exact match. If you intend to secure the URL https://www.shellhacks.com/, then your CSR’s common name must be: www.shellhacks.com
Organisation The exact legal name of your organisation. Do not abbreviate your organisation name. ShellHacks Ltd.
Organisation Unit Section of the organisation, can be left empty if this does not apply to your case. Development department
City/Locality The city where your organisation is legally located. Balham
State/County/Region The state/county/region where your organisation is legally located. Must not be abbreviated. London
Country The two-letter ISO abbreviation for your country. GB
Email address The email address used to contact your organisation. info@shellhacks.com
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Używanie rsync poprzez Secure Shell
Viewed 41113 times since Thu, May 24, 2018
RHEL: Displaying/setting kernel parameters - ’sysctl’
Viewed 2911 times since Sat, Jun 2, 2018
How to use yum command on CentOS/RHEL
Viewed 10908 times since Wed, Oct 17, 2018
OpenSSL: Check SSL Certificate Expiration Date and More
Viewed 6690 times since Mon, Feb 18, 2019
PROCESSOR AND MEMORY INFORMATION
Viewed 5506 times since Sat, Jun 2, 2018
Understanding System auditing with auditd
Viewed 9675 times since Fri, Apr 5, 2019
RHCS6: Show/Add GFS2/GFS journals
Viewed 12671 times since Sun, Jun 3, 2018
Linux – Securing your important files with XFS extendend attributes
Viewed 7487 times since Wed, Jul 25, 2018
high swap space utilization in LINUX
Viewed 6491 times since Fri, Jul 13, 2018
Jak ustawić LVM, jak robić snapshoty oraz automatycznie powiększać LV, czyli małe howto
Viewed 4477 times since Sun, May 20, 2018