HOW TO GENERATE A CSR IN LINUX (OPENSSL, NGINX, APACHE)

If you prefer to create your own shell commands to generate your Apache CSR, follow the instructions below.

1- Connect to your server through your terminal client (ssh). </ StrongSI you prefer to create your own shell commands to generate your Apache CSR, follow the instructions below.

2- Connect to your server through your terminal client (ssh).

3- Execute the command

At the prompt, type the following command:

Note: Make sure to replace the server with the name of your server.

openssl req –new –newkey rsa:2048 –nodes –keyout server.key –out server.csr

4- Generate files

    A- You have now started the process of generating the following two files:

    • Private key file: used to generate the CSR and later to secure and verify connections using the certificate.
    • Certificate Signing Request (CSR) File: Used to order your SSL certificate and later to encrypt messages that only its corresponding private key can decrypt.

    B- When you are prompted to enter the common name (domain name), type the fully qualified domain (FQDN) for the site you are going to secure.

Note: If you are generating an Apache CSR for a Wildcard certificate, make sure your common name begins with an asterisk (for example, * .example.com).

    C- When prompted, enter your organizational information, starting with your geographic information.

Note: You may have already configured the default information.

    D- Now your OpenSSL .csr file is created.

5- Order your certificate SSL / TLS

   A- Open the .csr file you created with a text editor.

   B- Copy the text, including the tags  —– BEGIN NEW CERTIFICATE REQUEST —–  et  —– END NEW CERTIFICATE REQUEST —– , and paste it into the OXABOX order form.

6- Save the private key

Save (save) the generated .key file. You will need it later to install your SSL certificate.

7- Install the certificate

After receiving your SSL certificate from OXABOX, you can install it on your server.

 

Do you need help to install a CSR  on Linux? Do not hesitate to contact us.