SSL Certificates
- Announcements
- Product Introduction
- SSL Certificate Security
- Purchase Guide
- SSL Certificate Selection
- SSL Certificate Renewal Process
- Certificate Application
- Information Submission Process for Paid SSL Certificates
- Domain Ownership Validation
- Certificate Installation
- Installing an SSL Certificate on a Tencent Cloud Service
- Installation of International Standard Certificates
- Certificate Management
- API Documentation
- Making API Requests
- Certificate APIs
- Practical Tutorial
- Profile Management
- Troubleshooting
- FAQs
- SSL Certificate Selection
- SSL Certificate Application
- SSL Certificate Management
- SSL Certificate Installation
- SSL Certificate Region
- SSL Certificate Review
- SSL Certificate Taking Effect
- SSL Certificate Billing and Purchase
- Related Agreement
How Do I Make a CSR File?
Last updated: 2024-03-06 18:00:08
How do I make a CSR file?
This topic describes how to generate a Certificate Signing Request (CSR) file.
Prerequisites
Before applying for an SSL certificate, you need to generate a key file and a CSR file for generating the certificate. The CSR file is the source file of your public key certificate. It contains your server and company information and needs to be submitted to a certificate authority (CA) for review. You are advised to use the CSR file generated by the system to avoid approval failures caused by information input errors. If you choose to manually generate a CSR file, ensure that you properly keep and back up your private key file. Pay attention to the following when manually generating a CSR file:
UTF-8 encoding is required for input information. Specify UTF-8 encoding when you use OpenSSL to configure the CSR.
The SSL certificate service system has strict requirements regarding the key length of the CSR file. The key length must be 2,048 bits and the key type must be RSA.
For a multi-domain SSL certificate or wildcard SSL certificate, you only need to enter a domain name for
Common Name or What is your first and last name?.Generating a CSR file using OpenSSL
1. Log in to a local computer or server running Linux.
2. Install OpenSSL. For installation details, see How to Install OpenSSL?
3. Run the following command to generate a CSR file:
openssl req -new -nodes -sha256 -newkey rsa:2048 -keyout [$Key_File] -out [$OpenSSL_CSR]
Note:
new: generate a new CSR file.
nodes: do not encrypt the key file.
sha256: digest algorithm.
newkey rsa:2048: key type and length.
[$Key_File]: key file name.
[$OpenSSL_CSR]: storage path of the encrypted file.
4. Enter information required for CSR file generation as prompted. The necessary fields are described as follows:
Organization Name: company or organization name.
Organizational Unit Name: department or section name.
Country Code: two-letter country code of the country where your company is located. For example, enter
CN for China.State or Province Name: name of the province or state where your company is located.
Locality Name: name of the city where your company is located.
Common Name: website domain name for which you are applying for an SSL certificate.
Email Address: this field is optional.
Challenge Password: this field is optional.
After you enter the information as prompted, the key file and CSR file are generated in the current directory.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No