Generate a Certificate Signing Request (CSR)
Apache + ApacheSSL

Follow these instructions to generate a CSR for your Web site. When you have
completed this process, click the “close” button below to close this window
and continue to the next step. OpenSSL is the open source project that replaced
SSLeay. If you are using SSLeay on your system instead of OpenSSL, substitute
ssleay with openssl for the commands.

  • Install OpenSSL, if not found on your server.
  • Create a RSA key for your Apache server:

    cd /apacheserverroot/conf/ssl.key (ssl.key is the default key
    directory.)

    If you have a different path, cd to your server’s private key directory

  • Type the following command to generate a private key that is file encrypted.
    You will be prompted for the password to access the file and also when starting
    your webserver: Warning: If you lose or forget the
    passphrase, you must purchase another certificat
    e.

    openssl genrsa -des3 -out domainname.key 1024

You could also create a private key without file encryption:

openssl genrsa -out domainname.key 1024

Note: We recommend that you name the private key using
the domain name that you are purchasing the certificate for ie domainname.key

* Note: You will be prompted for your PEM passphrase if you included the
“-des3″ switch in step 3.

When creating a CSR you must follow these conventions. Enter the information
to be displayed in the certificate. The following characters can not be accepted:
< > ~ ! @ # $ % ^ / \ ( ) ?.,&

DN Field

Explanation

Example

Common Name The fully qualified domain name for your web
server. This must be an exact match.
If you intend to secure the URL https://www.geotrust.com,
then your CSR’s common name must be www.geotrust.com.
Organization The exact legal name of your organization.
Do not abbreviate your organization name.
GeoTrust
Organization Unit Section of the organization Marketing
City or Locality The city where your organization is legally
located.
Wellesley Hills
State or Province The state or province where your organization
is legally located. Can not be abbreviated.
Massachusetts
Country The two-letter ISO abbreviation for your country. US