OpenSSL Generating a Certificate Signing Request: Difference between revisions

From UNIX Systems Administration
Jump to navigation Jump to search
Line 9: Line 9:
## <tt>'''# openssl req -noout -modulus -in <csr_name>.csr | openssl md5'''</tt>
## <tt>'''# openssl req -noout -modulus -in <csr_name>.csr | openssl md5'''</tt>
=== Apache with mod_ssl Enabled (With subjectAltName) ===
=== Apache with mod_ssl Enabled (With subjectAltName) ===
# If required follow the [[OpenSSL Generating a Private Key]] procedure.
# For Apache purposes, use the key with no pass phrase to generate the CSR file.
# Create a config file to be configured with the multiple subdomains.
## <tt>'''cat << EOL >> <config_file>.cnf'''</tt>
# Generate the CSR from the private key using openssl.
## <tt>'''# openssl req -new -key <key_name>.key -out <csr_name>.csr'''</tt>
# Enter the information as required by the prompts.
# Verify the checksum of the key matches the checksum CSR.
## <tt>'''# openssl req -noout -modulus -in <csr_name>.csr | openssl md5'''</tt>


== Further Reading ==
== Further Reading ==

Revision as of 03:50, 15 November 2020

Generate the Certificate Signing Request (CSR)

Apache with mod_ssl Enabled (No subjectAltName)

  1. If required follow the OpenSSL Generating a Private Key procedure.
  2. For Apache purposes, use the key with no pass phrase to generate the CSR file.
  3. Generate the CSR from the private key using openssl.
    1. # openssl req -new -key <key_name>.key -out <csr_name>.csr
  4. Enter the information as required by the prompts.
  5. Verify the checksum of the key matches the checksum CSR.
    1. # openssl req -noout -modulus -in <csr_name>.csr | openssl md5

Apache with mod_ssl Enabled (With subjectAltName)

  1. If required follow the OpenSSL Generating a Private Key procedure.
  2. For Apache purposes, use the key with no pass phrase to generate the CSR file.
  3. Create a config file to be configured with the multiple subdomains.
    1. cat << EOL >> <config_file>.cnf
  4. Generate the CSR from the private key using openssl.
    1. # openssl req -new -key <key_name>.key -out <csr_name>.csr
  5. Enter the information as required by the prompts.
  6. Verify the checksum of the key matches the checksum CSR.
    1. # openssl req -noout -modulus -in <csr_name>.csr | openssl md5

Further Reading

  1. How to Generate SSL key, CSR, and Self Signed Certificate for Apache