Skip to content

Create PKI key and CSR request

Christopher Hopkins edited this page Dec 2, 2013 · 19 revisions

You will generally want to protect information users provide and get from your websites. In order to do this, you will need to generate a PKI private key and Certificate Signing Request (CSR). The PKI private key will be kept on the webserver, and the CSR will be sent to a Certificate Authority (CA) to be signed. The following command will enable you to create both.

 $ openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

Openssl will prompt you for additional information, and after you have supplied the answers, then it will generate the key and CSR.

Clone this wiki locally