Difference between revisions of "Generate a certificate request for a commercial Certificate Authority"

From Organic Design wiki
(add a note about storage of files)
(Change source-code blocks to standard format)
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
[[Category:Sysop procedures]]
+
[[Category:Sysop procedures]][[Category:SSL]]
 
Generate a key for the certificate request.
 
Generate a key for the certificate request.
{{code|<pre>
+
<source>
 
openssl genrsa -out www.foo.com.key 2048
 
openssl genrsa -out www.foo.com.key 2048
</pre>}}
+
</source>
  
  
 
The next line will prompt for certificate details. The common name (CN) ''must'' be the same as the domain name of the web site.
 
The next line will prompt for certificate details. The common name (CN) ''must'' be the same as the domain name of the web site.
{{code|<pre>
+
<source>
 
openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr
 
openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr
</pre>}}
+
</source>
  
  
 
The resulting file will look something like:
 
The resulting file will look something like:
{{code|<pre>
+
<source>
 
-----BEGIN CERTIFICATE REQUEST-----
 
-----BEGIN CERTIFICATE REQUEST-----
 
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
 
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
Line 20: Line 20:
 
...
 
...
 
-----END CERTIFICATE REQUEST-----
 
-----END CERTIFICATE REQUEST-----
</pre>}}
+
</source>
  
 
==Storage of certificate-related files==
 
==Storage of certificate-related files==
 
These are all stored on organicdesign.co.nz under ''/root/ssl''.
 
These are all stored on organicdesign.co.nz under ''/root/ssl''.

Latest revision as of 18:11, 22 May 2015

Generate a key for the certificate request.

openssl genrsa -out www.foo.com.key 2048


The next line will prompt for certificate details. The common name (CN) must be the same as the domain name of the web site.

openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr


The resulting file will look something like:

-----BEGIN CERTIFICATE REQUEST-----
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
....
...
...
-----END CERTIFICATE REQUEST-----

Storage of certificate-related files

These are all stored on organicdesign.co.nz under /root/ssl.