certificate signing request

November 21, 2014 1.1k views

What type of server is used for Certificate Signing request?

1 Answer

Certificate signing requests can be created on any operating system that supports SSL. If you want to encrypt traffic on a network, you can use an SSL certificate. In the case of websites, when you see "https" it means the site has an SSL certificate that it is using to encrypt the site traffic.

In order to use SSL and get a certificate from a commercial certificate authority, you need a private key and a certificate signing request. You can generate these files on linux with the following command:

openssl req -new -newkey rsa:2048 -nodes -out example.csr -keyout example.key -subj "/C=US/ST=New York/L=New York/O=My Organization Name/CN=example.com"

You should change the location information to your business or home location and change example.com to the domain you want to serve over https.

The file "example.csr" is the signing request and "example.key" is the private key. You can give these whatever name is useful. If your website is "dogs.com" then name them "dogs.csr" and "dogs.key".

It is very important to keep your private key private, as it can be used to decrypt the data, so don't host this in a publicly accessible location. Once you have these files, you can send your certificate signing request to a company or person for signing.

  • In addition, some CAs ask for the CSR type. Usually, any of these should work: OpenSSL, Apache, Apache with mod_ssl, Nginx, and Lighttpd.

Have another answer? Share your knowledge.