How to Generate a Certificate Signing Request (CSR) in Ubuntu?

This tutorial will explain to you how to create a CSR on a server that is running Ubuntu, Apache, and SSH. Before processing for CSR generation, make sure you have purchased SSL/TLS Certificate.

Below is the procedure you should follow to complete the CSR process.

Steps for Generating a Certificate Signing Request (CSR) in Ubuntu

Step 1: Log into Your Server

Access Your Server via SSH: Imagine you have just entered the command line interface of your server: Use the SSH command to connect to the terminal. When executing the commands make sure you are authorized to do so.

ssh username@your_server_ip

Step 2: Create the Private Key and CSR Files

Generate a Private Key and CSR: The following command should be in the terminal to create a new private key and CSR.

openssl req -new -newkey rsa:2048 -nodes -keyout mydomain.key -out mydomain.csr

Note: Here is the list of parameters to input in the php file: Instead of ‘mydomain type in your actual domain name.

For instance, suppose that the domain name that you wanted to register was ‘example. If you are visiting com, then you have to type an example.key and example.csr.

Step 3: Fill in Your Details

When asked to, be as informative as possible regarding the organizational data to the Certificate Authority (CA).

Below is a checklist of what information should be provided:

1. Country Name: Type in two letters and one letter if the country where your business is legally located is, for example, the United States – “US”.
2. State or Province: Please input the whole state or province of your company’s registration without any abbreviation.
3. City or Locality: State the full official name of the city where your organization is located using the city name in full and not in abbreviation.
4. Organization Name: In the case of Business Validation (BV) and Extended Validation (EV) certificates, type your Full Legal Name (e.g. “Company LLC”). For the Domain Validation (DV) certificates, which are the most basic, you can insert your full name.
5. Organizational Unit Name: This most often includes the department handling the SSL, like the “IT Department” or the “Web-Admins”.
6. Common Name: Type the fully qualified domain name or FQDN for the site you wish to protect in this case it could be example.com.

Note: If you have bought wildcard ssl certificate, include an asterisk (*) before your domain name ( e.g *. example. com). Include only the website’s name and do not add ‘https’ and any other characters before the name.

7. Email Address: Give a valid email address.
8. A Challenge Password: This is an optional field for users to fill up for security issues. If you chose to set a password, ensure that you remember it since there is usually no method of recovery in the event that you forget the password.
9. An Optional Company Name: This field is optional but it is recommended to fill at least the organization name. You can put another name for your company if you want to.

Step 4: Locate Your CSR and Private Key Files

• Find the Generated Files: The command will generate two files in your working directory: mydomain.csr and mydomain.key. Use the ls command to confirm their presence.
• Open the CSR File: Open the CSR file using a text editor such as Nano or Vim to copy its content.

Step 5: Submit the CSR to the Certificate Authority

• Copy the CSR Content: Open the CSR file in a text editor (such as Notepad on Windows) and copy all the text, including the —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—– lines.
• Submit the CSR: During your SSL certificate order process, paste the entire CSR content into the designated field on the Certificate Authority’s website.

Once you done with the CSR generation, You can follow the SSL Installation Steps to Apache Ubuntu.

Conclusion

Join thousands of secure websites with SSL certificates from CheapSSLweb. Affordable, reliable, and easy to install. Protect your data and boost customer trust. Buy your SSL certificate today!