How to Manually Create a CSR (Certificate Signing Request) Using OpenSSL?

1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...
Manually Generate CSR using OpenSSL

If you want to manually generate a certificate signing request for securing the server but aren’t aware of the know-how, there is no need to – fret! As you have landed on the right article. In this article, we will explore – “How to generate CSR manually using OpenSSL?”

Before exploring the step-by-step instructions to generate a CSR manually using OpenSSL, let’s analyze and comprehend – “What exactly is OpenSSL?” Understanding this will help you grasp the process in a better way and widen your knowledge in this respective domain.

Buy SSL Certificates

What is OpenSSL?

OpenSSL is an open-source software library. It offers a commercial-grade and full-featured toolkit for Secure Sockets Layer protocols and is widely employed to shield communications over computer networks against cyber attacks like – eavesdropping.

The library also consists of cryptographic library functions that enable encryption and decryption, maintaining privacy and security during data exchanges.

Now that we have some understanding of OpenSSL let’s move on to the main topic – Creating CSR manually using OpenSSL.

Recommended: What is OpenSSL? Useful OpenSSL Commands to Work with SSL Certificates

How to Manually Create CSR Using OpenSSL?

Here are the steps to manually create CSR using OpenSSL:

Step 1: Download and Install OpenSSL

Step 2: Setup OpenSSL

Step 3: Generate a Certificate Signing Request using OpenSSL

Let’s explore each of these steps in-depth.

Step 1: Download and Install OpenSSL

Follow the steps mentioned below to download and install OpenSSL on your Windows device:

  • Click Search, placed on the taskbar.
  • Type Chrome and press Enter.
  • The Chrome browser window will open.
  • In the URL bar, type https://slproweb.com/products/Win32OpenSSL.html.
  • Press Enter.
  • Scroll to the Download Win32/Win64 OpenSSL table.
  • Select and download one of the non-light editions of the installer.
  • Double-click the OpenSSL file.
  • Follow the default settings to finish the OpenSSL installation.

Step 2: Setup OpenSSL

Follow the steps mentioned below to setup OpenSSL on your Windows device:

  • Click Search placed on the taskbar.
  • Type CMD and press Enter.
  • The Command Prompt window will appear.
  • Type the cd \OpenSSL-Win32 command and press Enter.
  • Verify that the line changed to C:\OpenSSL-Win32.
  • Type set OPENSSL_CONF=c:\OpenSSL-Win32\bin\openssl.cfg command and press Enter.
  • Restart your Windows device.

Step 3: Generate a Certificate Signing Request using OpenSSL

Follow the steps mentioned below to generate a code signing request using OpenSSL:

  • Click Search, placed on the taskbar.
  • Type CMD and press Enter.
  • The Command Prompt window will appear.
  • In the Command Prompt window, type cd \OpenSSL-Win32\bin command and press Enter.
  • Verify that the line changed to C:\OpenSSL-Win32\bin.
  • Type the openssl genrsa -out private-key.key 2048 command and press Enter.
  • Type the openssl req -new -key private-key.key -out csr.txt command and press Enter.
  • Enter the required information in the respective fields:
    • In the Country Name field, type the two-letter code of the country where the organization is situated.In the State field, type the name of the state where the organization requesting the SSL cert is located.In the City or Locality field, type the name of the city or town where the organization is situated or located.In the Company or Organization field, type the full legal name of the organization.In the OrganizationalOrganizational Unit field, type the department name or organization unit making the request.
    • In the Common Name field, type the Fully Qualified Domain Name that you want to shield.
  • Verify that a public/private key pair is created.
  • Type the commands given below to move the private key and CSR file to a centralized directory, and press Enter after entering each command:
    • md c:\certificate
    • move private-key.key c:\certificate
    • move csr.txt c:\certificate
  • The CSR file is ready to use for certificate enrollment.

Alternate Option: Save Time with Free Online CSR Generator Tools

How to Open the Certificate Signing Request File?

Follow the steps mentioned below to open the created code signing request file:

  • Click Search, placed on the taskbar.
  • Type CMD and press Enter.
  • The Command Prompt window will appear.
  • In the Command Prompt window, type the notepad c:\certificate\csr.txt command and press Enter. (Change the name of the file in the command.)
  • A Notepad will appear with the encoded data needed to enroll for an SSL cert.

Now, what’s left is to copy the encoded text and paste it into the required field to proceed with the SSL Certificate Installation!