ninety-seven
Generate CSR and KEY on Linux server
The CSR file is used to apply for a certificate (provided to the certificate supplier)
The KEY file is a private key used to configure ssl (put it on the server)
CERT is the certificate issued by the certificate vendor (placed on the server)

First install openssl support:

 yum -y install gcc zlib zlib-devel opensslopenssl-devel

The CSR (Certificate Request File) contains the relevant information required to apply for a certificate, the most important of which is the domain name. The domain name filled in must be the domain name you want to access through https. For example, abc.com or web.abc.com.

The following describes the process of generating key and csr. First, use the following command to generate CSR and KEY files.

 openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr

This command will generate two files, myserver.key is the key file. Please save this file carefully. Used when installing SSL certificates.

After executing the above command, you must enter the corresponding information, such as the domain name, according to the prompts, step by step, and finally generate these two files.

 Country Name (2 letter code) [AU]: (country code)
 State or Province Name (full name) [Some State]: (province)
 Locality Name (eg, city) []: (city)
 Organization Name (eg, company) [Internet Widgits Pty Ltd]: (enterprise/organization)
 Organizational Unit Name (eg, section) []: (department)
 Common Name (eg, YOUR name) []: (domain name/please fill in correctly, abc.com please change to your domain name)
 Email Address []:  [email protected] (Enter the email address, which must be able to receive emails)
 Please enter the following 'extra' attributes to be sent with your certificate request
 A challenge password []: (Enter directly)
 An optional company name []: (Enter directly)
 Use the name of the web-server as Common Name (CN).  If the domain name (Common Name) is mydomain.com append the domain to the hostname (use the fully qualified domain name).

Of which A challenge password You can leave it blank. You don't need to fill it in. Enter directly. If you don't know how to fill in the above information, you can fill in the above information except for the domain name.

You can use the command cat server.csr View the contents of the file. And copy all contents of the file. Another file myserver.key And be sure to keep it well. If you lose the key, after you apply for the certificate, you will find that you cannot install without the key.

Does this help solve your problem? resolved Unresolved

Submitted successfully! Thank you very much for your feedback, and we will continue to strive to do better! We are sorry that we were unable to resolve your question. We have received your feedback and will give feedback in time!

  • 100 times fault compensation
  • Refund for 1 day without reason
  • 7x24 service
  • 0 yuan fast filing
  • 1V1 Special Secretary