SSL : Generating Single or Wildcard SSL CSR

** Must install OpenSSL on your system

1. Single-name SSL Certificates

# openssl req -new -newkey rsa:2048 -nodes -keyout abc.com.key -out abc.com.csr

After pressing enter, you’ll be prompted with the following:

- Country Name (2 letter code) : Use your 2 char country code
- State or Province Name (full name) : Use your current State
- Locality Name (eg, city): City name
- Organization Name (eg, company) : Company name
- Organizational Unit Name (eg, section) : Your team in the organization.
- Common Name (eg, fully qualified host name): Domain name
- Email Address : Your offical email address
- Password :Leave it blank.

2. Wildcard SSL Certificates

- Create a configuration file
# openssl.cnf

- Add parameter as below

[req]
default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
prompt = no

[req_distinguished_name]
commonName = *.abc.com
countryName = MY
stateOrProvinceName = <state>
localityName = <city>
organizationName = <org.name>

[req_ext]
subjectAltName = @alt_names

[alt_names]
DNS.1=abc.com
DNS.2=*.abc.com

- Generate private key
#openssl genrsa -out private.key 2048

- Generate CSR
#openssl req -new -nodes -key abc.com.key -config openssl.cnf -out abc.com.csr


3.Verification of CSR
#openssl req -in abc.com.csr -noout -text

Read More

OpenSSL : Install and Upgrade version

1.Verify the current OpenSSL version

# openssl version

2. Download the latest version OR previous version of OpenSSL

# cd /usr/local/src
# wget https://www.openssl.org/source/openssl-X.X.X.tar.gz
# tar -xvzf openssl-X.X.X.tar.gz

3.Manually compile and install OpenSSL

# cd openssl-1.0.2l
#./config
# make depend
# make
# make test
# make install

4.Move the newly installed OpenSSL binary to the PATH

# mv /usr/bin/openssl /root/
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

5.Verify the newly installed OpenSSL version

#openssl version

 

source

• https://techglimpse.com/upgrade-openssl-linux-tutorial/
  

Read More