Creating Certificate Signing Request -- CSR Generation
A Certificate Authority will use a CSR to create your SSL certificate.
What is a CSR? A CSR or 'Certificate Signing Request' is a block of encrypted text, that is generated on the server that the certificate will be used on.
It contains information that will be included in your certificate, such as your organization name, common name (domain name), locality, and country. It also contains the public key that will be included in your certificate.
Run these OpenSSL commands, to generate your Certificate Signing Request.
Step 1 : Generate a Private Key
If you need just to renew existence certificate and you already have the private key, you can skip this step and use it, instead of generating new one.
Step 2 : Generate the CSR
The fields, required in a Certificate Signing Request, are listed below with explanations and examples :
|Distinguished Name Field||Explanation||Example|
|Common Name||The fully qualified domain name (FQDN) for your web server. This must be an exact match.||If you intend to secure the URL https://www.shellhacks.com/, then your CSR's common name must be: www.shellhacks.com|
|Organisation||The exact legal name of your organisation. Do not abbreviate your organisation name.||ShellHacks Ltd.|
|Organisation Unit||Section of the organisation, can be left empty if this does not apply to your case.||Development department|
|City/Locality||The city where your organisation is legally located.||Balham|
|State/County/Region||The state/county/region where your organisation is legally located. Must not be abbreviated.||London|
|Country||The two-letter ISO abbreviation for your country.||GB|
|Email address||The email address used to contact your firstname.lastname@example.org|