How to Generate Certificate Signing Request CSR and SSL Certificates On Ubuntu 16 | Webhosting Tutorial

Submitted by techyboy on Thu, 10/19/2017 - 21:05
Generating CSR request and SSL Certificates

An SSL ( Secure Socket Layer ) certificate enables accessing your website over HTTPS ( Hyper Text Transfer Protocol Secure ). Websites with SSL certificate are shown along with a Green Padlock Icon in the address bar of most of the modern browsers. HTTPS websites enable confidence in visitors and make them feel secure and genuine. Customers happily do transactions on sites with HTTPS. Here, you are going to learn how to successfully generate a Certificate Signing Request and SSL certificate on a linux based OS like Ubuntu 16.

Also Read Choosing a Bluehost Devcloud Cloud Server & Managing Your Cloud Apps Drupal, Wordpress, Joomla Like a Pro | Cloud Hosting Tutorial

Generate a Certificate Signing Request

Open Ubuntu Linux Console with your username and password. Type the following command.

console> openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

Type all the requested answers meanwhile. Take care when typing FQDN with the exact extension name like com, in, info etc.

Generating a 2048 bit RSA private key
writing new private key to 'yourdomain.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:IN
Locality Name (eg, city) []:IN
Organization Name (eg, company) [Internet Widgits Pty Ltd]:techy
Organizational Unit Name (eg, section) []:techy
Common Name (e.g. server FQDN or YOUR name) []
Email Address []


Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:abcedfghi
An optional company name []:techy

Two files will be created in the file system. File path depends on the path from where you executed the command. In general, you can get these files from the /root folder.



Here .csr file contains the Code ( Public Key) Required to generate SSL. .key file is the private key which you should not show to the outside world.


Generate SSL Certificate Using CSR File Code

Purchase a new SSL Certificate from a reputed company like Godaddy, Comodo and Thawte etc. This new SSL is a blank SSL which is not associated with any Domain. Go to Options / Configure against the purchased SSL. Under CSR ( Certificate Signing Request ), Copy the contents of yourdomain.csr ( Simply Open with Notepad) and paste. Submit your changes. Wait for creation of SSL Certificate. You will be able to download the certificates after successful verification of domain and business address which will be done automatically.

Add new comment

Related Content