Generate a CSR
A CSR is a certificate signing request, and it is needed by a certificate authority to apply for an SSL certificate. To generate a CSR, log into shell.sonic.net with your username and password.
openssl req -out <yourhostname>.csr -new -newkey rsa:2048 -nodes -keyout <yourhostname>.key
Fill in the fields with your information. When prompted to enter the "challenge password", skip this step by hitting enter.
Once complete, you will have two files, the <yourhostname>.csr which you will need to give to the CA to complete your request, and <yourhostname>.key. Once you have the signed public key from your CA, we will need the public key, the private key generated with the CSR, and the CSR to complete the secure hosting configuration.
Testing your CSR
The following command will test a CSR:
openssl req -text -noout -verify -in <yourhostname>.csr
To test your private key:
openssl rsa -in <yourhostname>.key -check