Customer Service | mail Send Email

Generate CSR for Apache HTTP Server using OpenSSL

Help & Support

 

SHOULD YOU NEED ANY ASSISTANCE?
Kindly contact us

Generate CSR for Apache HTTP Server using OpenSSL

Pre-requisite

  • Apache Webserver (HTTP) 2.0 and above with mod_ssl
  • OpenSSL 1.0.1
  • Access to server physically or using any VNC
  • Root account

If you require an SSL certificate to secure a domain hosted using Apache server, you need to first generate a Certificate Signing Request (CSR). To generate a new CSR you need to:

  1. Launch command prompt or your system console and run the OpenSSL tool from where it was installed on your system for example:
    /usr/local/ssl/bin
  2. Once openssl is started, generate a new private key to use for securing the domain and to use for generating the new CSR as below:
    [root@digicert root]# cd /etc/pki/tls/certs/
    [root@digicert certs]# openssl req -out my-domain.csr -new -newkey rsa:2048 -nodes -keyout my-domain.key
    Generating a 2048 bit RSA private key
    ...+++
    ....................+++
    writing new private key to 'my-domain.key'
    -----
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [AU]:MY
    State or Province Name (full name) [Some-State]:Wilayah Persekutuan
    Locality Name (eg, city) []:Kuala Lumpur
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company Sdn Bhd
    Organizational Unit Name (eg, section) []:My IT Department
    Common Name (e.g. server FQDN or YOUR name) []:my-domain.com.my
    Email Address []:
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
  3. Note: Do not enter any challenge password and optional company password. To skip this just press Enter. Remember to replace all these value with the appropriate value for your organization.
  4. Verify that a set of .csr and .key file is generated.
    [root@digicert root]# ls
    my-domain.csr    my-domain.key
  5. Copy the content of the file my-domain.csr into your local PC using notepad and send it to us for further processing.
csr apache httpd openssl 
( RATING: 3.4  /  VOTES: 5 )