Generate a certificate request for a commercial Certificate Authority

From Organic Design wiki
Revision as of 08:29, 21 June 2009 by Rob (talk | contribs) (add a note about storage of files)

Generate a key for the certificate request.

openssl genrsa -out www.foo.com.key 2048


The next line will prompt for certificate details. The common name (CN) must be the same as the domain name of the web site.

openssl req -new -nodes -key www.foo.com.key -out www.foo.com.csr


The resulting file will look something like:

-----BEGIN CERTIFICATE REQUEST-----
MIICwzCCAasCAQAwfjELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0
....
...
...
-----END CERTIFICATE REQUEST-----

Storage of certificate-related files

These are all stored on organicdesign.co.nz under /root/ssl.