Creating CSR and key using OpenSSL

Install OpenSSL on your computer if it is not already installed. OpenSSL is usually pre-installed on Linux, but you may need to install it on Windows or macOS. You can download OpenSSL from the OpenSSL website: https://www.openssl.org/source/

1 – Open a command prompt or terminal window.

2 – Navigate to the directory where you want to create the CSR and key.

3 – Generate a private key by typing the following command:

openssl genrsa -out private.key 2048

This command generates a 2048-bit private key and saves it in a file called “private.key” in the current directory.

4 – Create a CSR by typing the following command:

openssl req -new -key private.key -out csr.pem

This command creates a new CSR using the private key generated in step 4 and saves it in a file called “csr.pem” in the current directory.

5 – Follow the prompts to enter the information for the CSR. You will be asked for the following information:

  • Country Name (2-letter code): Enter the two-letter country code for the country where your organization is located.
  • State or Province Name (full name): Enter the full name of the state or province where your organization is located.
  • Locality Name (eg, city): Enter the city where your organization is located.
  • Organization Name (eg, company): Enter the name of your organization.
  • Organizational Unit Name (eg, section): Enter the name of your department or division within your organization.
  • Common Name (eg, fully qualified hostname): Enter the fully qualified domain name (FQDN) for the server that will be using the certificate. For example, if your website is located at “www.example.com”, enter “www.example.com”.
  • Email Address: Enter an email address where you can be reached.
  • Review the information you entered and confirm that it is correct.

6 – Save the CSR by typing the following command:

cat csr.pem

This command will display the CSR on the screen. You can copy and paste the contents of the CSR into a text file and submit it to a certificate authority to obtain a certificate.

That’s it! You have now created a CSR and key using OpenSSL.

Leave a Reply 0

Your email address will not be published. Required fields are marked *