Manually Creating a CSR
Written by: Will Kruss on 06 May 2014 02:11 PM
Learn the easiest way to manually generate a Certificate Signing Request (CSR) for your SSL certificate.
Please note: This article is for Linux servers NOT running cPanel
What you'll need first is to install Openssl on your server, this is a common package and will be available on all of the major distros through their package installer. Here is how you check to see if it is installed in a "Yum" style system such as CentOS or Fedora:
# yum install openssl openssl-devel
Generate the RSA key
Create a RSA key:
# mkdir /root/domain.com.ssl/ # cd /root/domain.com.ssl/
Type the following command to generate a private key.
# openssl genrsa -out /root/domain.com.ssl/domain.com.key 2048
Create a CSR
Type the following command to create a CSR with the RSA private key (output will be PEM format):
# openssl req -new -key /root/domain.com.ssl/domain.com.key -out /root/domain.com.ssl/domain.com.csr
When creating a CSR you must follow these conventions. Enter the information to be displayed in the certificate. The following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?.,&. All fields are required.
Do not enter extra attributes at the prompt.
Verify your CSR
# openssl req -noout -text -in /root/domain.com.ssl/domain.com.csr
Submit your CSR
From this point you have to take your CSR that you created here and submit it to a certificate authority. We offer Comodo certificates through the my account area.