** Must install OpenSSL on your system
1. Single-name SSL Certificates
# openssl req -new -newkey rsa:2048 -nodes -keyout abc.com.key -out abc.com.csr
After pressing enter, you’ll be prompted with the following:
- Country Name (2 letter code) : Use your 2 char country code
- State or Province Name (full name) : Use your current State
- Locality Name (eg, city): City name
- Organization Name (eg, company) : Company name
- Organizational Unit Name (eg, section) : Your team in the organization.
- Common Name (eg, fully qualified host name): Domain name
- Email Address : Your offical email address
- Password :Leave it blank.
2. Wildcard SSL Certificates
- Create a configuration file
# openssl.cnf
- Add parameter as below
[req]
default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
prompt = no
[req_distinguished_name]
commonName = *.abc.com
countryName = MY
stateOrProvinceName = <state>
localityName = <city>
organizationName = <org.name>
[req_ext]
subjectAltName = @alt_names
[alt_names]
DNS.1=abc.com
DNS.2=*.abc.com
- Generate private key
#openssl genrsa -out private.key 2048
- Generate CSR
#openssl req -new -nodes -key abc.com.key -config openssl.cnf -out abc.com.csr
3.Verification of CSR
#openssl req -in abc.com.csr -noout -text
0 comments:
Post a Comment