A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the webform in the enrollment process:<\/p>\n
To generate a pair of private and public keys and to create a Certificate Signing Request (CSR) for a webserver, “server”, use the following commands:<\/p>\n
openssl req -new -nodes -keyout myserver.key -out server.csr<\/p>\n
This creates two files. The file myserver.key contains a private key; do not disclose this file to anyone. Carefully protect the private key.<\/p>\n
In particular, be sure to backup the private key, as there is no means to recover it should it be lost. The private key is used as input in the command to generate a Certificate Signing Request (CSR).<\/p>\n
You will now be asked to enter details to be entered into your CSR. What you are about to enter is what is called a Distinguished Name or a DN.<\/p>\n
For some fields there will be a default value, If you enter ‘.’, the field will be left blank.<\/p>\n
—– Please enter the following ‘extra’ attributes to be sent with your certificate request<\/p>\n A challenge password []: Use the name of the webserver as Common Name (CN). If the domain name is mydomain.com append the domain to the hostname (use the fully qualified domain name).<\/p>\n The fields email address<\/strong>, optional company name<\/strong> and challenge password<\/strong> can be left blank for a webserver certificate.<\/p>\n Your CSR will now have been created. Open the server.csr in a text editor and copy and paste the contents into the online enrollment form when requested.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" Generating a Certificate Signing Request (CSR) using OpenSSL A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the webform in the enrollment process: Generate keys and certificate: To generate a pair of private\u2026<\/p>\n
\nCountry Name (2 letter code) [AU]: GB<\/strong>
\nState or Province Name (full name) [Some-State]: Yorks<\/strong>
\nLocality Name (eg, city) []: York<\/strong>
\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany Ltd<\/strong>
\nOrganizational Unit Name (eg, section) []: IT<\/strong>
\nCommon Name (eg, YOUR name) []: mysubdomain.mydomain.com<\/strong>
\nEmail Address []:<\/p>\n
\nAn optional company name []:
\n—–<\/p>\n