How to generate CSR file for SSL request on Linux

CSR is Certificate Signing Request file. It will be generated on server on which the SSL certificate will be used. This file contains details about organization and URL in encrypted format. Whenever you approach any vendor for getting SSL certificate for your webserver, you have to submit this CSR file to them. Based on information in this CSR file your certificate will be generated.

Steps :

1. Login to server on which certificate will be used.

2. Run below command to generate 2048 bit key file with name myfile.key. This key file will be used for generation of CSR. This command will ask you for a password which will be assigned within key file. Use password of your choice. This password you need to supply while generating CSR.

3. Now genrate CSR file using the key file we generated in above step.

Note that sha256 will generate CSR with SHA2 algorithm which is preferred normally. If -sha256 argument is not given, CSR will be generated with SHA1 which is outdated and normally not preferred.

4. Command will ask you key file password along with below information.

5. Once you get CSR file, you cat check its using cat. Its bunch of encrypted code which you can even decode and check information within on this link. If there is any typo in data you can regenerate CSR before submitting to vendor.

Any thoughts?