How to Generate a CSR via SSH in Linux (Apache/Nginx/Litespeed)

A Certificate Signing Request (CSR) refers to a key you generate on your web server so that you can use it to request for a premium SSL to secure your website.

In this guide, you will learn how to generate a CSR via SSH on your Linux based servers i.e Servers running Ubuntu, Debian, Centos, Redhat and the likes.

We will use a very poweful tool called openSSL.

Prerequisites

A server with linux based OS such as Ubuntu or Centos
A domain/subdomain that is already linked to the server
Assume the domain we want to generate CSR for is truehosttestdomain.com

Procedure

1.Login to your server using SSH

2.Create a folder inside your home directory where you will put all your certificate files and navigate to it. In this case, we will call ours certs

$ mkdir certs

$ cd certs

3.Run the command below to start the CSR generation process. Replace truehosttestdomain.com with your actual domain name

$ openssl req -new -newkey rsa:2048 -nodes -keyout truehosttestdomain.com.key -out truehosttestdomain.com.csr

4. Enter the CSR details as follows

Note: At the end, do not enter a challenge password / passphrase. SSL will not be issued successfully with this.

Country Name (2 letter code) [AU]: – Enter your country’s 2 letter code e.g KE, for Kenya, NG for Nigeria, ZA for South Africa.

State or Province Name (full name) [Some-State]: – Enter your State or Province Name eg Nairobi

Locality Name (eg, city) []: – Enter the name of your city or town eg Nairobi

Organization Name (eg, company) [Internet Widgits Pty Ltd]: – Enter the name of your company

Organizational Unit Name (eg, section) []: – Enter the company’s organisation unit that handles SSL eg IT Dept

Common Name (e.g. server FQDN or YOUR name) []: – Enter your domain name without http:// section. This must be the full domain eg truehost.com

Email Address []: – Enter a valid email address

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []: – Do NOT enter anything here
An optional company name []: – Do NOT enter anything here either

Once finished filling in the form, press the Return (Enter) button on your keyboard.

5. Your CSR file will be generated along with a private key. Use the command below to list files on your directory

$ ls -l

csr file ends with .csr extension while private key ends with .key extension

Note: The private key must remain on the server. It should not be deleted or otherwise replace. If you should delete it accidentally. Please repeat the process above.

6. Run the command below to display the contents of the CSR file: truehosttestdomain.com.csr

$ cat truehosttestdomain.com.csr

7. Copy the content above from —–BEGIN CERTIFICATE REQUEST—– to —–END CERTIFICATE REQUEST—– and proceed to install SSL.

If you purchased SSL with Truehost, you can use this guide to request for SSL so you can install it.

Dan

05:34 06 Aug 23

Great support team

Mercy Solomon

16:02 03 Aug 23

Eccapda E Store

06:57 03 Aug 23

One of the worst company i have ever found. They show you cheap hosting services. but no customer service after that. even they do not refund money. They are scammers, dont just go for them by seeing low prices. after that you will have to face lots of mental harrasment.

Maxwell Okumu

15:37 02 Aug 23

I haven't encountered any significant service disruptions from Truehost. I especially like that their support team is easily accessible and resolves issues speedily

The Support Center

How to Generate a CSR via SSH in Linux (Apache/Nginx/Litespeed)

Prerequisites

Procedure

Was this article helpful?

Leave A Comment? Cancel Reply

The Support Center

Prerequisites

Procedure

Was this article helpful?

Related Articles

Leave A Comment? Cancel Reply