Generate a CSR

From SonicWiki
Jump to: navigation, search

A CSR is a certificate signing request, and it is needed by a certificate authority to apply for an SSL certificate. To generate a CSR, log into shell.sonic.net with your username and password.

openssl req -out <yourhostname>.csr -new -newkey rsa:2048 -nodes -keyout <yourhostname>.key

Fill in the fields with your information. When prompted to enter the "challenge password", skip this step by hitting enter.

Once complete, you will have two files, the <yourhostname>.csr which you will need to give to the CA to complete your request, and <yourhostname>.key. Once you have the signed public key from your CA, we will need the public key, the private key generated with the CSR, and the CSR to complete the secure hosting configuration.

Testing your CSR

The following command will test a CSR:

openssl req -text -noout -verify -in <yourhostname>.csr

To test your private key:

openssl rsa -in <yourhostname>.key -check