Home » How to Manually Create a CSR (Certificate Signing Request) Using OpenSSL?
How to Manually Create a CSR (Certificate Signing Request) Using OpenSSL?
(4 votes, average: 5.00 out of 5)
Loading...
If you want to manually generate a certificate signing request for securing the server but aren’t aware of the know-how, there is no need to – fret! As you have landed on the right article. In this article, we will explore – “How to generate CSR manually using OpenSSL?”
Before exploring the step-by-step instructions to generate a CSR manually using OpenSSL, let’s analyze and comprehend – “What exactly is OpenSSL?” Understanding this will help you grasp the process in a better way and widen your knowledge in this respective domain.
What is OpenSSL?
OpenSSL is an open-source software library. It offers a commercial-grade and full-featured toolkit for Secure Sockets Layer protocols and is widely employed to shield communications over computer networks against cyber attacks like – eavesdropping.
The library also consists of cryptographic library functions that enable encryption and decryption, maintaining privacy and security during data exchanges.
Now that we have some understanding of OpenSSL let’s move on to the main topic – Creating CSR manually using OpenSSL.
Here are the steps to manually create CSR using OpenSSL:
Step 1: Download and Install OpenSSL
Step 2: Setup OpenSSL
Step 3: Generate a Certificate Signing Request using OpenSSL
Let’s explore each of these steps in-depth.
Step 1: Download and Install OpenSSL
Follow the steps mentioned below to download and install OpenSSL on your Windows device:
Click Search, placed on the taskbar.
Type Chrome and press Enter.
The Chrome browser window will open.
In the URL bar, type https://slproweb.com/products/Win32OpenSSL.html.
Press Enter.
Scroll to the Download Win32/Win64 OpenSSL table.
Select and download one of the non-light editions of the installer.
Double-click the OpenSSL file.
Follow the default settings to finish the OpenSSL installation.
Step 2: Setup OpenSSL
Follow the steps mentioned below to setup OpenSSL on your Windows device:
Click Search placed on the taskbar.
Type CMD and press Enter.
The Command Prompt window will appear.
Type the cd \OpenSSL-Win32 command and press Enter.
Verify that the line changed to C:\OpenSSL-Win32.
Type set OPENSSL_CONF=c:\OpenSSL-Win32\bin\openssl.cfg command and press Enter.
Restart your Windows device.
Step 3: Generate a Certificate Signing Request using OpenSSL
Follow the steps mentioned below to generate a code signing request using OpenSSL:
Click Search, placed on the taskbar.
Type CMD and press Enter.
The Command Prompt window will appear.
In the Command Prompt window, type cd \OpenSSL-Win32\bin command and press Enter.
Verify that the line changed to C:\OpenSSL-Win32\bin.
Type the openssl genrsa -out private-key.key 2048 command and press Enter.
Type the openssl req -new -key private-key.key -out csr.txt command and press Enter.
Enter the required information in the respective fields:
In the Country Name field, type the two-letter code of the country where the organization is situated.In the State field, type the name of the state where the organization requesting the SSL cert is located.In the City or Locality field, type the name of the city or town where the organization is situated or located.In the Company or Organization field, type the full legal name of the organization.In the OrganizationalOrganizational Unit field, type the department name or organization unit making the request.
In the Common Name field, type the Fully Qualified Domain Name that you want to shield.
Verify that a public/private key pair is created.
Type the commands given below to move the private key and CSR file to a centralized directory, and press Enter after entering each command:
md c:\certificate
move private-key.key c:\certificate
move csr.txt c:\certificate
The CSR file is ready to use for certificate enrollment.