How to Generate a CSR on NGINX Server?
To create a secure website using SSL/TLS for your Nginx server you will need to create a Certificate Signing Request (CSR). This guide is a step by step guide on how to generate a CSR using OpenSSL on Nginx.
Also Read: How to Enable HTTP/2 in NGINX Web Server?
However, in order to proceed, one must acquaint themselves with the importance of a Private Key and CSR. If you already have your CSR and SSL certificate, you should continue to the SSL Installation Instructions for Nginx using OpenSSL. Otherwise, follow these steps:
Step 1: Log in to Your Server’s Terminal
- Access Your Server via SSH: Open terminal on your server with the help of Secure Shell (SSH) client. You will need proper privileges at the terminal to run the commands that you are going to use.
ssh username@your_server_ip
Step 2: Enter CSR and Private Key Command
- Generate a Private Key and CSR: Here is the command to be entered in the terminal to create a new private key and CSR:
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
Note: Insert the address of the server you wish to protect instead of ‘server’.
Step 3: Enter Your CSR Details
When prompted, enter the following information:
- Common Name: The specific domain name to encrypt (for example: www. yourdomain. com, secure. website. org, *. domain. net for a wildcard SSL).
- Organization: Official corporate name of your organization with the corporate identifer.
- Organization Unit (OU): The specialty of the issued certificate for instance, ‘Information Technology’ or ‘Website Security’ department.
- City or Locality: The city in which the legal headquarters of your organization is located. Do not use abbreviations.
- State or Province: The legal place of incorporation of your organization whether state or province. Do not use abbreviations.
- Country: The official two letter country code like US, CA in which your organization is legally established.
Note: The system does not install a password for the login name and even not a passphrase. This field is optional, which means that if you do not supply it, your key pair will still work, but the SSH would be more secure if it contains this field.
Step 4: Generate the Order
- Locate and Open the CSR: Locate the new CSR file generated in your user directory depending on the SSH connection if differently set.
- Open the CSR in a Text Editor: Open the CSR file with the help of a text editor. Copy all the text, including the —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—– lines.
Note 1: Save your CSR in the directory you are in unless otherwise instructed.
Note 2: Backup your .key in as it will be needed later while installing the SSL certificate on the website’s server.
- Submit the CSR: Go back to the generation form of the website of your SSL provider and then copy the entire CSR and then paste it on the text box that is available. After that follow the instructions for the generation process of this program.
Step 5: Validation and Installation
- Complete the Validation Process: On submitting your CSR, the issuing CA will need validation depending on the purchased SSL certificate for the website. Some of the steps to follow to validate the CA are as follows The CA may have instructions regarding the validation to be followed.
- Receive and Install the SSL Certificate: Upon validation, your trusted SSL certificate from the CA ready for use will be issued to you. Now, For the SSL installation, Follow the SSL Installation Instructions for Nginx using OpenSSL to finish up.
Conclusion
Make your website safe by getting cheap ssl from CheapSSLweb we offer affordable ssl certificates. Find a solid encryption that will not compromise the amount of money you are willing to spend. Experience boosted security to your site today. Shop with us now.