To get SSL certificate from certificate authority, CSR (Certificate Signing Request) and private key are required. In this small tutorial, we will see how to generate them easily on your Linux box.
How to generate CSR and key
On your Linux terminal enter a below command. Make sure to replace mydomain.key and mydomain.csr with your own filenames.
openssl req -newkey rsa:2048 -nodes -keyout mydomain.com.key -out mydomain.com.csr
Now OpenSSL program will ask few details. Provide them as per your requirement. You can skip last 2 attributes (or even more).
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:IN State or Province Name (full name) [Some-State]:Andhra Pradesh Locality Name (eg, city) :Hyderabad Organization Name (eg, company) [Internet Widgits Pty Ltd]:LaymanClass Organizational Unit Name (eg, section) :Product Development Common Name (e.g. server FQDN or YOUR name) :mydomain.com Email Address :email@example.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password : An optional company name :
Now OpenSSL will generate two files mydomain.com.key and mydomain.com.csr in current directory. You can now get SSL certificates from your certificate authority by providing them your newly generated CSR.
Hope this help you ! Stay awesome !