CSR Generation Steps Apache (OpenSSL)

  • Apr 20, 2023

To create a certificate signing request (CSR) for your Apache Web server, please follow the instructions provided below:
  1. Open a command prompt on your server and navigate to the directory where you want to store the CSR and private key.
  2. Run the following command to generate a private key:
    Copy code : openssl genpkey -algorithm RSA -out private.key
  3. Run the following command togenerate a CSR using the private key:
    Copy code : openssl req -new -key private.key -out csr.pem
  4. Out the prompt with your server's information, including the common name (domain name), organization, country, and email address.
    1. Common Name: The FQDN (fully-qualified domain name) you want to secure with the certificate such as www.google.com, secure.website.org, *.domain.net, etc.
    2. Organization: The full legal name of your organization including the corporate identifier.
    3. Organization Unit (OU): Your department such as ‘Information Technology’ or ‘Website Security.’
    4. City or Locality: The locality or city where your organization is legally incorporated. Do not abbreviate.
    5. State or Province: The state or province where your organization is legally incorporated. Do not abbreviate.
    6. Country: The official two-letter country code (i.e. US, CH) where your organization is legally incorporated.
  5. Once the CSR is generated, you can then use it to request an SSL certificate from a certificate authority (CA).
  6. Save the private key and CSR file in a secure location and make sure that you do not share the private key with anyone.
Make sure that you are running the command on the same server for which you are creating the CSR, and that the domain name entered in the CSR must match the domain name of the server.




Sections