...
| Code Block | ||
|---|---|---|
| ||
openssl req -new -key server.key -out server.csr |
You will be promotedThe prompted to enter information about the certificate. The values should reflect your organization.
A not so obvious prompt is Common Name (eg, YOUR Name). This value should not be your name. Instead it should be the base domain name of your website. In our example, it will be earth.com.
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
/private/ssl-keys-earth.com$ openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CA
State or Province Name (full name) [Some-State]:Ontario
Locality Name (eg, city) []:Toronto
Organization Name (eg, company) [Internet Widgits Pty Ltd]:The Planet Earth Incorporated
Organizational Unit Name (eg, section) []:Earth Defence
Common Name (eg, YOUR name) []:earth.com
Email Address []:admin@earth.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
|
The CSR file will be used by the CA to issue the Web Server's certificate.
...