Logon to your Ubuntu server using SSH.
Step 1 – Setup a new Directory
Create a folder to store the files called in home directory called ssl. Go into the newly created directory.
$ mkdir ssl $ cd ssl
Step 2 – Create Private Key
Generate a private key by executing the following command.
$ sudo openssl genrsa -des3 -out example.key 2048
Type in pass phrase.
Step 3 – Create CSR
Generate CSR by executing the following command.
$ sudo openssl req -new -key example.key -out example.csr
Enter the private key pass phrase.
Enter the following details:
- Country – This is the two-letter abbreviation for your country. For example, United States would be US and Australia would be AU.
- State or Province Name – This is the full name of the state your organization operates from. For example, this might be “Victoria” or “Michigan”.
- Locality Name – Name of the city your organization operates from. Examples might include “Melbourne” or “Phoenix”. Don’t use abbreviations in this field. For example, “Melb” should be “Melbourne”
- Organization Name – The name of your organization. If you are a business, use must use your legal name. If you are applying as an individual, you use your full name instead. For example, “Tech Creations Pty Ltd”
- Organizational Unit Name – You can use a department name here. For example, “IT Department” or “Web Administration”.
- Common Name – The domain name that you are purchasing a SSL certificate for. This must be a fully qualified domain name (FQDN). An example might be mydomain.com.
Note:If you are applying for a special wildcard SSL certificate, you will need to enter an asterisk for the subdomain. An example in that case might be *.mydomain.com. Never include the “http://”, “https://”, or any other special characters in this field. Never include text after the top level domain at the end. For example, your common name should end in .com, .net, (or whatever other extension you are applying for.)
- Email Address – An email address that can be used as a point of contact for your domain. Be sure the address is valid.
- A challenge password – An optional password to further secure your certificate. Be sure to remember this password if you choose to use it. It must be at least 4 characters long. You can skip this step if you like.
- An optional company name – Another optional step. Fill in your company name if you wish. This is not required for web SSL certificates.
Step 4 – Check and Open the CSR file created
Run the following commands
$ ls $ cat example.csr