How to Generate a CSR in CentOS?

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...
Generate CSR in CentOS

This tutorial will help you to understand how to generate a CSR on CentOS 7 and 6 machines step by step. This CSR is required when applying for an SSL certificate from Certificate Authority or CA.

Follow Quick Steps for CSR Generation in CentOS:

Step 1: Log into Your Server Using Secure Shell (SSH)

Before one is able to generate a CSR, he has to open the server. This is accomplished by the use of secure shell (SSH); this is a protocol for accessing a command line interface through a network.

  • Open your terminal: From the command prompt of an operating system in your local computer open the terminal.
  • Connect to your server: Typing the following command, username with the actual server username and server_ip with the actual IP of the server.
ssh username@server_ip
  • Authenticate: Type in your password if you are asked for the username and password to log into the system.

Step 2: Create the Private Key and CSR Files

When connected to the server you have to generate a private key and CSR. The certificate will be held on the server and it is recommended that the private key is secured in a centralized point and the CSR is transferred to the CA for validation.

  • Generate the private key and CSR: At the prompt, enter the following command substituting mydomain by your domain name. For example, if your domain name is example.com, you should use example.key and example.csr.
openssl req -new -newkey rsa:2048 -nodes -keyout mydomain.key -out mydomain.csr
  • Provide details: Some details that will be required of your organization will be displayed to you. All this information will be incorporated in your CSR.

Step 3: Submit Details About Your Organization

When prompted, enter the following details about your organization:

Country Name: Use the two-letter abbreviation for the country in which your organization is incorporated/officially situated.

For instance, if it is registered in the United States then type in the US. If it is in the United States type America, if in the United Kingdom type UK.

Country Name (2 letter code) [AU]: US

State or Province Name: Please enter the name of the state or province where your organization is registered with full name. Do not abbreviate.

State or Province Name (full name) [Some-State]: California

Locality Name (City): Please provide the name of the full city you operate from in your organization.

Locality Name (eg, city) []: San Francisco

Organization Name (Company): If you are applying for Business Validation (BV) or Extended Validation (EV) certificate, fill your company’s legal name here. Though, if it is for a Domain Validation (DV) certificate only, enter your full name.

Organization Name (eg, company) [Internet Widgits Pty Ltd]: My Company Inc

Organizational Unit Name (Department): If available, add the name of the organization doing business as (DBA) or the department that is in charge of the SSL certificates including IT or Web Administration.

Organizational Unit Name (eg, section) []: IT

Common Name (Domain Name): To do that, type the fully qualified domain name (FQDN) you need to be protected.

Common Name (e.g. server FQDN or YOUR name) []: ssldragon.com

Note for Wildcard Certificates: If you are applying for a Wildcard SSL certificate then you have to prefix your domain name with an asterisk. This is not https:// or any other character Enter the exact address without https or any other characters.

Email Address: Provide a valid email address as a way of being contacted for the given domain.

Email Address []: [email protected]

Password: This field is optional. You may further secure your SSL certificate with a password, or you can leave this field blank.

A challenge password []:

Step 4: Locate Your CSR and Private Key Files

The form completion will then create your CSR and private key files, and place them in the directory that you began the command in.

  • List the files: In case you want to list down the files that you have in your directory, then you can run the ls command.
  • Identify the files: You should now have two new files: mydomain.csr and mydomain.key.
  • The .csr file: This file stores the Certificate Signing Request which needs to be provided to the CA at the time of ordering an SSL Certificate.
  • The .key file: This file holds your private key and it’s important that it is safely guarded and not be disclosed to any other person.

Step 5: Submit the CSR to Your Certificate Authority (CA)

Once you have a CSR file, you can then approach a Certification Authority of your preference to acquire a SSL certificate.

  • Access the CA’s website: Visit the website of your selected CA and navigate to the page where you can begin an SSL certificate request.
  • Submit the CSR: As such, in response to the prompt that asks to insert the contents of the mydomain file into the post, we have the following: csr file into the CSR text box. To edit the CSR file you can use text editors such as the nano text editor or vim text editor.
nano mydomain.csr
  • Complete the form: Provide any additional information required by the CA and proceed with paying for the item.

Step 6: Install Your SSL Certificate

After confirmation of the CSR by your CA and then issuance of the SSL certificate, you can go ahead and install the SSL certificate on your CentOS server.

Conclusion

By choosing CheapSSLWeb, you are opting for a trusted provider dedicated to offering quality SSL certificates at the best prices. Join thousands of satisfied customers who have secured their websites with us.

Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.