Create CSR OpenSSL (NGIX, Apache, UNIX)

The following commands will be executed on commandline.

Before you can create a CSR on an Apache or NginX server, you have to decide in which directory the CSR will be saved. This example uses the following path:
cd /etc/ssl/certs

If a private key has not yet been created, the following command must be executed first:
openssl req -sha256 -nodes -newkey rsa:2048 -keyout -out (Replace '' with the domain name for which the CSR will be generated.)

The server will automatically continue with a request for information that is mandatory for the creation of a CSR. Give the appropriate responses and press enter after each answer.

  • Country name (2 letter code): NL (the country code in capital letters)
  • State or Province Name (full name): Noord-holland (the full name of the state or province)
  • Locality Name (city): Amsterdam (the name of the town or city you are located in)
  • Organization name: Bedrijfsnaam B.V. (the company name, as has been entered in the registry of the Chamber of Commerce)
  • Organizational Unit Name (section): Sales (the department name)
  • Common Name (server FQDN or Your name): (the common name of the domain for which the certificate request is being made. When the CSR is created for a Wildcard certificate, enter '*' here.)
  • Email address: (The email address)
  • A challenge password: (This field should be left blank. Press enter.)
  • An optional company name: (This field should be left blank. Press enter.)

Perform the command 'ls -l'. This gives a result similar to the following example:
-rw-r-r-1 root root 1.1k Feb 15 11:42
-rw-r-r-1 root root 1.7k Feb 15 11:42

The file is your private key. Do not let this file fall into third party hands. The file is your CSR that can be used to place an order for your SSL certificate. Open the CSR file with the following command:

This will give a result similar to the following example:
-----BEGIN CERTIFICATE REQUEST----- MIIC7DCCAdQCAQAwgaYxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdEcmVudGhlMQ4w DAYDVQQHDAVFbW1lbjEbMBkGA1UECgwSTmV0d29ya2luZzRhbGwgQi5WMQ4wDAYD VQQLDAVTYWxlczEfMB0GA1UEAwwWd3d3Lm5ldHdvcmtpbmc0YWxsLmNvbTEnMCUG CSqGSIb3DQEJARYYc2FsZXMubmV0d29ya2luZzRhbGwuY29tMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG3vxWeYbNBfqVft68DaC5ORUmuK8CE3mGUh EKLJgHbPuC7y7KE1mJekeNDv4gehG7gdhGBOobRTwDYru1VnFCmeXKvLXzIaCczR +Xy09L6Itb1aOnLBv7p8VlxQ7OhViCJvmkAXJGHEcEex3ENaMMuw8YBnsw2JzOZv IzBD1XZm04da2k1Ai0vmwH5aoYTA5F+gE9Izouc9Opkp2k9+tdjUY9uarrMRj7XS E+hI4jqnHH32+vPNFziZ4QbVl5GpjMR/Q0GdIL8Bcu8Sw1u3cQSCu0ZzKZTG6oEJ 2oB8dVjc5BrtXfEYxF0s9T8HyXdx4NQuOtjN1beo6TQzP6s9QQIDAQABoAAwDQYJ KoZIhvcNAQELBQADggEBABJ2vZSMHmErkGpZFRBudCEwR+SEPvdYqCVwojn6R4rZ lAsbZ5TNng2GYWDMmoAsw6zq4/fd8q1cAoOG9fj6z3lEswpU3eqhc0f/wrVtfTN7 vc7yAB81FAcgw5Ad7c8h4oGrd3pYtXX/cLHSLSnpnXp9vc4nsWK3h88K8ZV9ih+e eUK0JDV3wZ3ok80JTTkws48/txIApfV6J1P2SfHazK7kann39Mb0ZnIcfBeYK26R APArN6rLh+Yx/gjqaCBo6sGZLx3J5o+W86zaSoo+v8wvPbNa4JNw8gg4PooY6JVE MEU5t6hHjD9AkNCO8uOi1K+FqzHe0aMq0EVvoHw7AMg= -----END CERTIFICATE REQUEST-----

The CSR that was generated for your domain name can now be used to request an SSL certificate on Follow the steps in our SSL Wizard to request the certificate. When you reach the step to enter the CSR, simply copy and paste the generated code in your CSR file.