Differences

This shows you the differences between two versions of the page.

Link to this comparison view

opensslcsr [2016/06/01 11:48]
yassine chaouche created
opensslcsr [2016/06/01 12:21] (current)
yassine chaouche
Line 4: Line 4:
 A CSR is a **C**ertificate **S**igning **R**equest,​ this is like a form you present to a **C**ertificate **A**uthority (or CA for short) to obtain a certificate signed by them. It has to include minimal information like your public key and the domain or domains you wish to obtain a certificate for. The **C**ertificate **A**uthority will present you with some challenges to make sure you really own the domain. A CSR is a **C**ertificate **S**igning **R**equest,​ this is like a form you present to a **C**ertificate **A**uthority (or CA for short) to obtain a certificate signed by them. It has to include minimal information like your public key and the domain or domains you wish to obtain a certificate for. The **C**ertificate **A**uthority will present you with some challenges to make sure you really own the domain.
  
-A CSR is obtained with the openssl **req** command, like so : +A CSR is obtained with the openssl **req** command
  
 <​code>​ <​code>​
-openssl req -new -sha256 -key domain.key -subj "/"​ -reqexts SAN -config <(cat /​etc/​ssl/​openssl.cnf <(printf "​[SAN]\nsubjectAltName=DNS:​example.com,​DNS:​www.example.com"​)) > domain.csr+openssl req -new
 </​code>​ </​code>​
 +
 +If you already have a private/​public key pair, supply your private key with the -key option
 +
 +<​code>​
 +openssl req -new -key private.key
 +</​code>​
 +
 +Don't forget to add the -out option if you don't want to copy/paste the certificate from the console to where it should belong
 +
 +<​code>​
 +openssl req -new -key private.key -out form.csr
 +</​code>​
 +
 +the ''​openssl req''​ program will guide you through a series of questions to fill out your certificate request form and generate one for you. 
 +
  
  

QR Code
QR Code opensslcsr (generated for current page)