Generate a CSR for Apache / NEXEN
1- Create the private key
-
Connect under
root
with ssh and go to the setup repertory of your Apache SSL server.
cd /etc/apache-ssl
-
The key is generated with the following command (define a name that suits you):
openssl genrsa 2048 > www.example.com.key
-
If you want to be protected by a password (that will be requested each time Apache will be restarted), add:
"-des3"
after "genrsa"). -
You can enhance the key quality by adding, after "genrsa",the following instructions:
"-rand/var/log/messages"
.
It enables random numbers to be used.
Make a backup copy of this .key file!
-
Protect your file with:
chmod 400 www.example.com.key
2- Create the certificate request (CSR)
-
Use this command to generate the CSR:
openssl req -new -key www.example.com.key > www.example.com.csr
-
The system will ask you to fill in fields ; Fill them in by following the instructions given on the page Obtain a server certificate
Country Name (2 letter code) []
State or Province Name (full name) [Some-State]
Locality Name (eg, city) []
Organization Name (eg, company) []
Organizational Unit Name (eg, section) []: (Do not fill - advised - or enter a generic term such as "IT Department".)
Common Name (eg, YOUR name) []: (the name of the website you want to secure)
Email Address []: (let blank)
3- Place an order request
- Use the appropriate link to place your order on our website and select ApacheSSL as software. See Access a, order form
- Copy/paste the content of the www.exemple.com.csr file in the form.
Last edited on 01/08/2015 16:45:59 --- [search]