Home Server Apache Solution to: How do I create an SSL CSR using openssl?

Get social!

Easy.

Solution

Assuming you have openssl installed:

  1. Create the ssl key:

    You'll be left with a "ssl.key" file in the current directory.

  2. Create the csr:

Notice the input for Common Name. The Common Name is your server's hostname. If you are purchasing a wildcard certificate, the hostname will start with a "*", otherwise "www", or "smtp" or whatever you are using for the server hostname. Also, I leave the challenge password field empty (just press <enter>), otherwise services like Apache will pause when starting, asking for the password before continuing. Obviously this is bad on an unattended server.

The above method is the same for Apache, Nginx, Dovecot, really any service that uses these certificates. The setup of the service varies, of course. For Apache, you might have something like this in your apache2.conf file:

The above is assuming a godaddy.com certificate (gd_bundle.crt is Godaddy's root bundle). I've been using namecheap.com lately, as their prices are less than their competitors by 50% or more.

Leave a Reply

Bad Behavior has blocked 45 access attempts in the last 7 days.