Generate CSR - OpenSSL

Oct 21, 2020

Generate CSR - OpenSSL

Introduction

This article provides step-by-step instructions for generating a Certificate Signing Request (CSR) in OpenSSL. This is most commonly required for web servers such as Apache HTTP Server and NGINX. If this is not the solution you are looking for, please search for your solution in the search bar above.

Switch to a working directory

To generate a CSR in Apache OpenSSL, you can check the video below for a tutorial.

Or, you can follow the step by step guidelines below.

GNU/Linux & Mac OS X users:
Open a terminal and browse to a folder where you would like to generate your keypair

Windows Users:
Navigate to your OpenSSL "bin" directory and open a command prompt in the same location.

Generate a CSR & Private Key:
openssl req -out CSR.csr -new -newkey rsa:2048 -keyout privatekey.key

To generate a 4096-bit CSR you can replace the rsa:2048 syntax with rsa:4096 as shown below.
openssl req -out CSR.csr -new -newkey rsa:4096 -keyout privatekey.key

Note: You will be prompted to enter a password in order to proceed. Keep this password as you will need it to use the Certificate.

Fill out the following fields as prompted:
Note: The following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?.,&

Field Example
Country Name US (2 Letter Code)
State or Province New Hampshire (Full State Name)
Locality Portsmouth (Full City name)
Organization GMO GlobalSign Inc (Entity's Legal Name)
Organizational Unit   Support (Optional, e.g. a department)
Common Name www.globalsign.com (Domain or Entity name)

You should now have a Private Key (privatekey.key) which should stay on your computer, and a Certificate Signing Request (CSR.csr), which can be submitted to GlobalSign to sign your public key. Each of these files can be viewed in a plain text editor such as Notepad, TextEdit, Vi, Nano, and Notepad++.

Related Articles

GlobalSign System Alerts

View recent system alerts.

View Alerts

Atlas Discovery

Scan your endpoints to locate all of your Certificates.

Sign Up

SSL Configuration Test

Check your certificate installation for SSL issues and vulnerabilities.

Contact Support