Certificate Request

Before you can obtain/generate server certificate you need to have a private key and generate certificate request which contain essential information about you (the entity requesting certificate) and the domain for which you want the certificate.

  1. Generate the certificate request:

    openssl req -nodes -new -newkey rsa:2048 -keyout yourdomain.com.key -out yourdomain.com.csr

    You will be asked series of questions:

    Country Name (2 letter code) [AU]:AU
    State or Province Name (full name) [Some-State]:Somestate
    Locality Name (eg, city) []:Your city name
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:Company name
    Organizational Unit Name (eg, section) []:Department or any unit
    Common Name (eg, YOUR name) []:*.yourdomain.com
    Email Address []:your_email_address@somedomain.com
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
  2. The command will generate 2 files for you:

    1. yourdomain.com.csr
    2. yourdomain.com.key