Facebook Twitter Instagram
    TecAdmin
    • Home
    • Ubuntu 20.04
      • Upgrade Ubuntu
      • Install Java
      • Install Node.js
      • Install Docker
      • Install LAMP Stack
    • Tutorials
      • AWS
      • Shell Scripting
      • Docker
      • Git
      • MongoDB
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    Home»Linux Tutorials»How to Generate Certificate Signing Request (CSR) on Linux

    How to Generate Certificate Signing Request (CSR) on Linux

    RahulBy RahulNovember 8, 20133 Mins ReadUpdated:July 14, 2020

    CSR stands for ‘Certificate Signing Request’, that is generated on the server where the certificate will be used on. A CSR contains information about to your organization and domain name, locality, and country and a public key that will be included in your certificate.

    This article has 3 methods to create CSR (Certificate Signing Request) on Linux systems. You can choose any one of below methods. All methods will do the same task, only they have a detailed explanation.

    • How to Install Self Signed Certificate in Apache

    Method 1 – Using Single Command

    We can create CSR using the single command like below. But make sure you have installed OpenSSL package on your system. The below command will first create a private key and then generate CSR. This command will also require few details as input.

    openssl req -new -newkey rsa:2048 -nodes -keyout tecadmin.net.key  -out tecadmin.net.csr 
    

    Method 2 – Short Instructions

    Below are three simple commands to generate CSR. You may also use detailed instructions to do it.

    sudo yum install openssl         ## Redhat based systems 
    sudo dnf install openssl         ## Fedora systems 
    sudo apt install openssl         ## Debian based systems 
    
    openssl genrsa -out tecadmin.net.key 2048 
    
    openssl req -new -key tecadmin.net.key -out tecadmin.net.csr 
    

    Method 3 – Detailed Instructions

    Step 1: Install Required Packages

    In order to generate CSR, you required OpenSSL to be installed on your system. If it is not already installed use below command to install it.

    sudo yum install openssl         ## Redhat based systems 
    sudo dnf install openssl         ## Fedora systems 
    sudo apt-get install openssl     ## Debian based systems 
    
    Step 2: Generate Key for your Domain.

    Firstly you required root access to generate a key file. So login as root and use below command to generate a key.

    openssl genrsa -out tecadmin.net.key 2048 
    

    Sample output:

    Generating RSA private key, 2048 bit long modulus
    ........................................+++
    ....................................................+++
    e is 65537 (0x10001)
    

    At the end of the command, it showing 2048, which is the length of the key in bits. Most of CA required 2048 bit length keys. Above command will create a key file tecadmin.net.key, which is used in step 3.

    Step 3: Generate CSR for your Domain using Key

    After generating a key, next steps are to generate CSR for the domain. Use below command to generate CSR file, This command will prompt for your organization and common name, locality, email, and country. Common Name must be the same as your domain name.

    openssl req -new -key tecadmin.net.key -out tecadmin.net.csr 
    

    Sample Output:

    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [XX]: IN
    State or Province Name (full name) []: Uttar Pradesh
    Locality Name (eg, city) [Default City]: Lucknow
    Organization Name (eg, company) [Default Company Ltd]: TecAdmin Pvt Ltd
    Organizational Unit Name (eg, section) []: BLOG
    Common Name (eg, your name or your server's hostname) []: tecadmin.net
    Email Address []: [email protected]
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    

    Above command will generate a file tecadmin.net.csr in the current directory, Use this file to order your SSL from CA (Certificate Authority).

    References:

    http://wiki.centos.org/HowTos/Https
    http://www.centos.org/docs/4/4.5/System_Administration_Guide/Apache_HTTP_Secure_Server_Configuration-Generating_a_Key.html

    Create CSR csr Generate CSR ssl csr ssl key
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp
    Previous ArticleInstall SugarCRM 6.5.16 Community Edition on Linux
    Next Article How to Install Banshee 2.6 on Ubuntu

    Related Posts

    What is the /etc/aliases file

    2 Mins Read

    What is the /etc/nsswitch.conf file in Linux

    2 Mins Read

    How to Setup Squid Proxy Server on Ubuntu and Debian

    Updated:June 17, 20225 Mins Read

    How to Delete a Let’s Encrypt Certificate using Certbot

    Updated:June 3, 20222 Mins Read

    How to Install Latest Git on Ubuntu 22.04

    Updated:May 31, 20222 Mins Read

    How To Install LibreOffice on Ubuntu 22.04

    Updated:May 23, 20222 Mins Read

    1 Comment

    1. RoseHosting on November 9, 2013 1:01 pm

      Oneliner

      openssl req -new -newkey rsa:2048 -nodes -keyout domain.com.key -out domain.com.csr

      Reply

    Leave A Reply Cancel Reply

    Recent Posts
    • How To Install Docker on Ubuntu 22.04
    • How to Install Bower on Ubuntu 22.04 & 20.04
    • How to run “npm start” through Docker
    • Filesystem Hierarchy Structure (FHS) in Linux
    • How to accept user input in Python
    Facebook Twitter Instagram Pinterest
    © 2022 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.