Difference between revisions of "Generate a certificate request for a commercial Certificate Authority"

From Organic Design
m
(not cat installation or procedures)
Line 1: Line 1:
[[Category:Sysop procedures]][[Category:Installation]]
 
 
Generate a key for the certificate request.
 
Generate a key for the certificate request.
openssl genrsa -out www.foo.com.key 2048
+
{{code|<pre>
 +
openssl genrsa -out www.foo.com.key 2048
 +
</pre>}}
 +
 
 +
 
 
The next line will prompt for certificate details. The common name (CN) ''must'' be the same as the domain name of the web site.
 
The next line will prompt for certificate details. The common name (CN) ''must'' be the same as the domain name of the web site.
openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr
+
{{code|<pre>
 +
openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr
 +
</pre>}}
 +
 
 +
 
 
The resulting file will look something like:
 
The resulting file will look something like:
<pre>
+
{{code|<pre>
 
-----BEGIN CERTIFICATE REQUEST-----
 
-----BEGIN CERTIFICATE REQUEST-----
 
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
 
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
Line 12: Line 19:
 
...
 
...
 
-----END CERTIFICATE REQUEST-----
 
-----END CERTIFICATE REQUEST-----
</pre>
+
</pre>}}

Revision as of 03:39, 2 May 2009

Generate a key for the certificate request.

openssl genrsa -out www.foo.com.key 2048


The next line will prompt for certificate details. The common name (CN) must be the same as the domain name of the web site.

openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr


The resulting file will look something like:

-----BEGIN CERTIFICATE REQUEST-----
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
....
...
...
-----END CERTIFICATE REQUEST-----