Welcome to Linux Forums! With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.
Find the answer to your Linux question:
Site Navigation
Linux Forums
Linux Articles
Product Showcase
Linux Downloads
Linux Hosting
Free Magazines
Job Board
IRC Chat
RSS Feeds
Free Publications


This article describes how to generate Certificate signing request to be sent to Certificate Authority. Also this article helps to generate self signed certificate

(1) Loginto the server in which cert to be generated.
First we have to generate private key using following command
#openssl genrsa 2048 > servername.key

(2)Next we have to generate csr (certificate signing request) to be sent to CERTIFICATE AUTHORITY using following command

#openssl req -new -key  servername.key -out servername.csr

Input the parameters when asked 
(NOTE: The common name parameter should be the site name we are hosting)

[root@uat004 crts]# openssl req -new -key  private
.key  -out vinotest.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
(Note: Dont enter any password or optional company name) 
Then cat servername.csr
Then paste the csr in https://ssl-tools.verisign.com/#csrValidator to check if the generated csr have all the information we supplied.




Then we have to send the csr to certificate signing authority and they will send servername.crt
..

FOr creating self signed certificate ssl(self signed)

openssl x509 -req -days 365 -in name.csr -signkey private.key -out certficatename.crt






Rate This Article: poorexcellent
 
Comments about this article

Comment title: * please do not put your response text here