Generating Certificate for validation (CSR generation)

In order to install SSL certificates on your Apache server you need to generate a key pair and a CSR (certificate signing request) as the first step. The following points will guide you in the creation of CSR file.

Once you finish generating the CSR file, you need to paste the content of the CSR file on to the SSL certificate request page in order for the certificate authorities to start their verification process.

Command line prompts in a Linux box

Find where openssl is installed and navigated to that directory
$ whereis openssl

Mostly it will be at /usr/bin/. If it is in a different path, then navigate to that directory path
$ cd /usr/bin

If asked for a pass phrase, enter a phrase which you need to use when generating the CSR file from the key file.

Next, we will use des3 algorithm to generate the key. If you want to generate a key for a site you can give for easy reference
$ openssl genrsa -des3 -out certificate-name.key 2048

Next in the process is to generate the CSR file from the key
$ openssl req -new -key certificate-name.key -out certificate-name.csr

This will involve a step of questions where you need to answer your two-digit country code, province or state, company name, organizational unit name, company name and email address.For the part that involves “Common Name (eg, your name or your server’s name)” enter the domain name for which you want to get the certificate (for e.g.

Now, copy the content of CSR file and paste it on the certificate request page (probably the web page of the certificate authorities web page like RapidSSL, GoDaddy, VeriSign, Thawte SSL certificate issuance authority.

After submitting the .csr file, you need to wait for the .cer files from the certificate authority. If you are going with Godaddy, they will send you a bundle certificate along with the original .cer file which you need to install in your web server.


Written by kurinchilamp

Website: http://

Leave a Reply

Your email address will not be published. Required fields are marked *