Skip to main content

How to Generate CSR using Openssl in Linux

By Er.Susheel

Before Generating CSR ,let see what is Openssl.

 It is nothing but a core library ,which is used for general purpose in cryptography,it is an open source product which work towards the implementation of SSL and TLS protocols.

Talking about openssl, some people called the certificates generated from openssl as "self signed certificate".

lets go towards now,creating CSR and private key using openssl command,

Just log in to any of your Linux box and run following command as root user replacing the required information as per your need .

[root@SVR home]# openssl req -new -newkey  rsa:2048 -nodes -sha256 -out domain_name.csr -keyout domain_name.key -subj "/C=US/ST=state/L=locality/O=organization/OU=organization unit Dept/CN=www.domain.com"

 You will get output like :





Then check whether ,all the information we have entered ,while creating CSR is proper ,by decoding the CSR from some online tool.

First do the cat to the csr file

[root@SVR home]# cat domain_name.csr

-----BEGIN CERTIFICATE REQUEST-----
MIIDCDCCAfACAQAwgYExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIEwVzdGF0ZTERMA8G
A1UEBxMIbG9jYWxpdHkxFTATBgNVBAoTDG9yZ2FuaXphdGlvbjEfMB0GA1UECxMW
b3JnYW5pemF0aW9uIHVuaXQgRGVwdDEXMBUGA1UEAxMOd3d3LmRvbWFpbi5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ePkRLrz4fkMoRf05XAbw
vMQYGltC50cxGYheRprd/wlvqWmWSUaZBoreNR5jYBfZwRGwmGwsPXncJzN6/t/D
+r/Azfvb1wWxqg5QgAU+Gm/igSUM8ihnirFxBXfsIHDA4PNJ0GgM+y1jLnaEPMvP
vNDvPEtOhRcIoGcq6Dnd3x0JJtMp4x0RZ30U0/dbcgNtmrNh3dHMbVcH9/OmeRut
FnnLRmh+OGDlH9OjD5CbEOgk4XK29G6yt1vKQThFRmJ95QE+XSj+BMTq59cgmJ99
MAjj8E21PG44HHknwhi1Jno1tqguT8O8eXxUj8uhazkFbwNIw+bKG6kuBnmhiYdB
AgMBAAGgQTA/BgkqhkiG9w0BCQ4xMjAwMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXg
MBYGA1UdEQQPMA2CC2Rhd2dpbmMuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBSy4tq
geUihlg+i0c53Y77WXuT5zEngrc3nvdyOcqhVwbzGUKAQJyz9DMc+pRo+rEi8gsN
1PVUgXclH5m7gQQxBcowWJEd7yXAw6ZLnwiNDGpStWbmUaZ5HLH4iM7hD8/8KWC7
ycdLyYg0TrljmizmbGchik5iGk+VIqffebLJkq2L+XkLVMLdMjoowGyZdOcz7BwO
wvhPB1DEOhDbQNiRHS4HVw5dWq79bUgxVPWb8gvVweL3rv2Yx+EdRtHe902kWbiN
12bBFeUNWYfIFARUP/SYvIl9qvTKQ6zgCwK8TRYWMUMJfANA9jEVxP1aibxKU7y2
TKNygZt3ts5arBs6
-----END CERTIFICATE REQUEST-----


Now, to check whether ,you have entered the proper information while creating CSR, we need to check the content of the CSR,for this refer URL

http://www.linuxforeveryone.com/2015_01_01_archive.html


And if you want self signed certificate ,then we can use below openssl command
to get a Certificate using csr and private key we have just created. 
Use below command for this purpose.


 openssl x509 -signkey domain_name.key -sha256  -in domain_name.csr -req -days 365 -out domain.crt

Where,

domain_name.key ===== is  private key.
domain_name.csr ===== is csr.
-days ===== Number of days of validity ,you want for your cert.


Labels:

Comments

  1. AnonymousTuesday, March 29, 2022 at 3:14:00 AM PDT

    Pragmatic Play offers a wide range of slots and
    Pragmatic Play has a selection of slot 바카라 전략 games, including slots, table 바카라 사이트 games, live dealer and live casino 메리트 카지노 주소 games. It is 카지노 a 카지노 사이트 leading provider

    ReplyDelete

Post a Comment

Popular posts from this blog

Multiple instances of redis

By Er.Susheel
In the last post I have covered how to install redis server on Centos/Rhel using rpm method and yum method and some troubleshooting skills. In this post i am going to cover how to install and configure redis to run with multiple ports.                                                                           But why we need more ports ? If you have read my earlier post , you already know that by default redis runs on single port 6379, which any one can use it for small website to cache the data. But for heavy website like magento we need to use additional ports along with 6379 to serve different cache from different ports. Like in Magento there is simple cache which is normally stored under /var/cache directory. Then there is Full Page Cache which is stored under /var/full_page_cache...
35 comments
Read more

arbtd: Package isn't signed with proper key

By Linux For Every One
  If you are System Admin and worked on linux machine or servers in your current job or in past. Chances are you might come across linux service abrtd, even if you have not worked on it. but might be through some other work. same thing happened to me, while I was doing my regular work of installing php packages on linux  servers , i came across this error for which spent couple of hours actually to resolve it. T he error was 
Post a Comment
Read more

Resolving IP SKU Requirements When Adding Azure VMs to Load Balancers

By Linux For Every One
When it comes to configuring Azure Virtual Machines (VMs) within a Load Balancer (LB) environment, there are essential requirements that need to be addressed to ensure optimal performance and reliability. One common challenge faced by Azure users is the necessity of configuring IP SKUs correctly. In this blog post, we'll explore this requirement, its importance, and provide a solution to address it effectively. Understanding the IP SKU Requirement   The IP SKU (Service Key Update) requirement plays a pivotal role in the proper functioning of your Azure infrastructure, particularly within the context of Load Balancers. Here's what you need to know : IP Should Be in Standard SKU When adding Azure VMs to a Load Balancer, it's highly recommended to utilize public IP addresses configured with the Standard SKU. The Standard SKU offers an array of advanced capabilities, including enhanced traffic management and load balancing options. By using Standard SKU, you ensure a higher deg...
Post a Comment
Read more