Difference between revisions of "Generate a certificate request for a commercial Certificate Authority"

Latest revision as of 18:11, 22 May 2015

Generate a key for the certificate request.

openssl genrsa -out www.foo.com.key 2048

The next line will prompt for certificate details. The common name (CN) must be the same as the domain name of the web site.

openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr

The resulting file will look something like:

-----BEGIN CERTIFICATE REQUEST-----
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
....
...
...
-----END CERTIFICATE REQUEST-----

These are all stored on organicdesign.co.nz under /root/ssl.

@@ Line 1: / Line 1: @@
+[[Category:Sysop procedures]][[Category:SSL]]
 Generate a key for the certificate request.
- openssl genrsa -out www.foo.com.key 2048
+<source>
+openssl genrsa -out www.foo.com.key 2048
+</source>
 The next line will prompt for certificate details. The common name (CN) ''must'' be the same as the domain name of the web site.
- openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr
+<source>
+openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr
+</source>
 The resulting file will look something like:
-<pre>
+<source>
 -----BEGIN CERTIFICATE REQUEST-----
 MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
@@ Line 11: / Line 20: @@
 ...
 -----END CERTIFICATE REQUEST-----
-</pre>
+</source>
+==Storage of certificate-related files==
+These are all stored on organicdesign.co.nz under ''/root/ssl''.