- February 26, 2018
- Posted by: Mihir Purohit
- Categories:
For generating CSR on Ubuntu make sure to login to server using Root user.
In AWS bydefaul regular user will be “Ubuntu” so you need to login with it and then to switch to Root user.
Make Directory to store all the SSL certificates, we can create this directory at any path. In this example I am creating directory in /etc/apache2
Run the below command using Root user..
mkdir /etc/apache2/ssl
mkdir /etc/apache2/ssl/private
Next step is to generate CSR request for certificate..
cd /etc/apache2/ssl/
And Run the following Command
openssl req -new -newkey rsa:2048 -nodes -keyout sslcert.key -out newssl.csr
Here sslcert.key is your certificate keystore file and newssl.csr will be your Certificate Signing Request.
This command will prompt for some additional information:
Common Name: The fully-qualified domain name, or URL, you’re securing.If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.example.com.
Organization: The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor’s name.
Organization Unit: If applicable, enter the DBA (doing business as) name.
City or Locality: Name of the city where your organization is registered /located. Do not abbreviate.
State or Province: Name of the state or province where your organization is located. Do not abbreviate.
Country: The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.
If you do not want to enter a password for this SSL, you can leave the Passphrase field blank.
Open the CSR file in Text Editor, copy all the text and paste full text in your CA authority account form. Based on this CSR CA authority will provide the new certificates.
