Collections:
Other Resources:
OpenSSL "req -newkey" - Generate Private Key and CSR
How to generate a new private key with a public key and generate a CSR (Certificate Signing Request) using a single OpenSSL "req" command?
✍: FYIcenter.com
If you do not have a pair of private key and public key, and you want to generate CSR (Certificate Signing Request) to represent your personal identity or server identity, you can use the OpenSSL "req -newkey" command as shown below. The same command will generate a pair of RSA private key and public key for you too.
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -newkey rsa:1024 -keyout rsa_test.key -out rsa_test.csr Generating a 1024 bit RSA private key ......................................................++++++ ...................++++++ writing new private key to 'rsa_test.key' Enter PEM pass phrase: fyicenter Verifying - Enter PEM pass phrase: fyicenter ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:us State or Province Name (full name) [Some-State]:NY Locality Name (eg, city) []:New York Organization Name (eg, company) [Internet Widgits Pty Ltd]:Donald Inc. Organizational Unit Name (eg, section) []:IT Common Name (e.g. server FQDN or YOUR name) []:www.donald.inc Email Address []:john@donald.inc Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:fyicenter An optional company name []:fyicenter OpenSSL> exit C:\Users\fyicenter>type rsa_test.csr -----BEGIN CERTIFICATE REQUEST----- MIIB/jCCAWcCAQAwgYkxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJOWTERMA8GA1UE BwwITmV3IFlvcmsxFDASBgNVBAoMC0RvbmFsZCBJbmMuMQswCQYDVQQLDAJJVDEX MBUGA1UEAwwOd3d3LmRvbmFsZC5pbmMxHjAcBgkqhkiG9w0BCQEWD2pvaG5AZG9u YWxkLmluYzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxstNNkFnj8N+LbC/ yXno7NX/xaNcwR5rIaRU6EklcnVO9IzX9TiF0SSQpIjemUmFuFvBxO8QXuigz1Ht gIV1dBv19EoUcpRS8nRCXuh7iK3XJ5oMKcn8Z0IFwACqHhdJQTE2lhySla72Gh79 6MtLXlr9CudiJkWYqu9PNpVscyECAwEAAaA0MBgGCSqGSIb3DQEJAjELDAlmeWlj ZW50ZXIwGAYJKoZIhvcNAQkHMQsMCWZ5aWNlbnRlcjANBgkqhkiG9w0BAQsFAAOB gQAfIdsEkiZuitWKvGk4+/t3jRpc3rkluuxuQewfTziQaRX2cGjRQmoQHJ4r3K3r g5boOB2Z/cx5K9wlU1r5uIA2prrOQra638X+FE8hgpsmFRqsStQnhU8X4l0oRwpz RNhRnOfk3ME31TuuGTiy5Uf/BlGnQCI63b3D4GIQjxS4Dw== -----END CERTIFICATE REQUEST-----
Options used in this "req" command are:
⇒ OpenSSL "req -new -x509" - Generate Self-Signed Certificate
2016-11-12, 2571🔥, 0💬
Popular Posts:
Certificate Summary: Subject: GlobalSign Atlas R3 DV TLS CA 2022 Q1 Issuer: GlobalSign Expiration: 2...
How to specify those intermediate CA certificates that form the signing chain for the server certifi...
Why "DigiNotar Root CA" certificate is shown as "not trusted" in Mozilla Firefox 47? It seems be a r...
What is the wrap of an ASN.1 SEQUENCE structure? The wrap of an ASN.1 SEQUENCE structure is the bina...
Certificate Summary: Subject: Microsoft Azure TLS Issuing CA 06 Issuer: DigiCert Global Root G2 Expi...