This article will outline the steps one needs to go through for creating a Private Key, generating a CSR (Certificate Signing Request), and submitting the CSR to a CA (Certificate Authority) provider.
Steps:
➜ Desktop mkdir myOrg-privatekey ➜ Desktop cd myOrg-privatekey ➜ myOrg-privatekey ls ➜ myOrg-privatekey
➜ myOrg-privatekey openssl genrsa -out myOrg-env.domain.com.key 2048
➜ myOrg-privatekey openssl req -new -out myOrg-env.domain.com.csr -key myOrg-env.domain.com.key
You will be prompted to enter the following information:
Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:California Locality Name (eg, city) []:San Jose Organization Name (eg, company) [Internet Widgits Pty Ltd]:Apigee Organizational Unit Name (eg, section) []:Global Service Center Common Name (e.g. server FQDN or YOUR name) []:myOrg-env.domain.com Email Address []:admin@domain.com
You will also be prompted for the following 'extra' attributes:
A challenge password []: An optional company name []:
(These can be left empty at your discretion)
➜ myOrg-privatekey openssl req -out myOrg-env.domain.com.csr -new -newkey rsa:2048 -nodes -keyout myOrg-env.domain.com.key
This will also prompt you for the following information:
Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:California Locality Name (eg, city) []:San Jose Organization Name (eg, company) [Internet Widgits Pty Ltd]:Apigee Organizational Unit Name (eg, section) []:Global Service Center Common Name (e.g. server FQDN or YOUR name) []:myOrg-env.domain.com . . Email Address []:admin@domain.com..A challenge password []: An optional company name []:
➜ myOrg-privatekey openssl req -noout -text -in myOrg-env.domain.com.csr