Help & Support
SHOULD YOU NEED ANY ASSISTANCE?
Kindly contact us
Generate CSR for Apache HTTP Server using OpenSSL
Pre-requisite
- Apache Webserver (HTTP) 2.0 and above with mod_ssl
- OpenSSL 1.0.1
- Access to server physically or using any VNC
- Root account
If you require an SSL certificate to secure a domain hosted using Apache server, you need to first generate a Certificate Signing Request (CSR). To generate a new CSR you need to:
- Launch command prompt or your system console and run the OpenSSL tool from where it was installed on your system for example:
/usr/local/ssl/bin
- Once openssl is started, generate a new private key to use for securing the domain and to use for generating the new CSR as below:
[root@digicert root]# cd /etc/pki/tls/certs/ [root@digicert certs]# openssl req -out my-domain.csr -new -newkey rsa:2048 -nodes -keyout my-domain.key Generating a 2048 bit RSA private key ...+++ ....................+++ writing new private key to 'my-domain.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:MY State or Province Name (full name) [Some-State]:Wilayah Persekutuan Locality Name (eg, city) []:Kuala Lumpur Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company Sdn Bhd Organizational Unit Name (eg, section) []:My IT Department Common Name (e.g. server FQDN or YOUR name) []:my-domain.com.my Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
- Verify that a set of .csr and .key file is generated.
[root@digicert root]# ls my-domain.csr my-domain.key
- Copy the content of the file
my-domain.csrinto your local PC using notepad and send it to us for further processing.
Note: Do not enter any challenge password and optional company password. To skip this just press Enter. Remember to replace all these value with the appropriate value for your organization.