Questions? Feedback? powered by Olark live chat software
Author Avatar

Manually Creating a CSR

Written by: on 06 May 2014 02:11 PM 06 May 2014 02:11 PM

Learn the easiest way to manually generate a Certificate Signing Request (CSR) for your SSL certificate.

Please note: This article is for Linux servers NOT running cPanel


What you'll need first is to install Openssl on your server, this is a common package and will be available on all of the major distros through their package installer. Here is how you check to see if it is installed in a "Yum" style system such as CentOS or Fedora:

    # yum install openssl openssl-devel

Generate the RSA key

Create a RSA key:

    # mkdir /root/
    # cd /root/

Type the following command to generate a private key.

    # openssl genrsa -out /root/ 2048

Create a CSR

Type the following command to create a CSR with the RSA private key (output will be PEM format):

    # openssl req -new -key /root/ -out /root/

When creating a CSR you must follow these conventions. Enter the information to be displayed in the certificate. The following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?.,&. All fields are required.

DN Field Explanation Example
Common Name The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL, then your CSR's common name must be If you plan on getting a Wildcard certificate make sure to prefix your domain with a '*' ex. *
Organization The exact legal name of your organization. Do not abbreviate your organization name.
Organization Unit Section of the organization Sales
City or Locality The city where your organization is legally located. Melbourne
State or Province The state or province where your organization is legally located. Can not be abbreviated. Victoria
Country The two-letter ISO abbreviation for your country. AU

Do not enter extra attributes at the prompt.

  • Warning: Leave the challenge password blank (press enter)

Verify your CSR

    # openssl req -noout -text -in /root/

Submit your CSR

From this point you have to take your CSR that you created here and submit it to a certificate authority. We offer Comodo certificates through the my account area.

(0 vote(s))
Not helpful