A CSR is a file that contains your application data and the public key to your private key. Create your CSR file as follows, and then copy its contents to the appropriate field in the ordering process.

To create a key pair consisting of a private key and public certification request (CSR), enter the following command:

openssl req -new -nodes -keyout filename.key -out filename.csr -newkey rsa:2048

It is advisable to choose the file name in such a way that you will be able to clearly assign it to the site later on. We therefore recommend using the domain to be certified, replacing the dots with underscores as the file name, for example www_psw_net.key or www_psw_net.csr.

The command creates two files. The file with the extension key contains the private key, so do not give this file to strangers. Please be sure to create a backup of your private key, as there is no way to restore it if it is lost. The private key serves as the basis of the certification request (CSR) and therefore also as the basis of the certificate.

When creating the CSR, you will be asked for some details that will be included in the CSR besides the public key and make it unique. Some fields have a default value, to accept this simply press the Enter key, if you want to leave the respective field empty enter a dot (.).

Country Name (2 letter code) [AU]: DE

enter your country code here

State or Province Name (full name) [Some-State]: Hessen

enter your state here

Locality Name (eg, city) []: Fulda

enter your city here

Organization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany

here you enter your company name / organization name / first and last name, whichever is most appropriate for you

Organizational Unit Name (eg, section) []: IT

here you can enter a department, but this field can also be left empty

Common Name (e.g. server FQDN or YOUR name) []: www.domain.de

here you enter the site you want to protect, it must contain a complete domain name, so if you want to protect https://www.domain.de/… enter www.domain.de, domain.de is not sufficient, unless you only want to protect https://domain.de/… only. Files and directories, on the other hand, are always included, see also http://cvs.openssl.org/chngview?cn=21799.

E-Mail Address []: info@domain.de

enter your e-mail address here

You may be asked for the following ‚extra‘ information

A challenge password []:
An optional company name []:

Please always leave these blank.

Your CSR has now been created. Open the filename.csr file in a text editor and copy its contents into the field provided in the order process.

 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.