Generate A CSR

To generate a Certificate Signing Request (CSR), simply use the following command:

openssl req -new -newkey \
rsa:2048 \
-keyout $MY_SITE.key \
-out $MY_SITE.csr

Make sure to remember the password you use to encrypt the CSR, but you do not need to set the "challenge password".

Copy and paste the contents of the newly generated .csr file into the web form and select "PKI" before entering the password you used to encrypt the CSR.

Copy the private key given to you by StartCom, and replace the contents of your .key file with it.

Now decrypt the private key file with:

openssl rsa \
-in $MY_SITE.key \
-out $MY_SITE.decrypted.key

Now download the certificate bundle from StartCom. You will need the certificates provided by the site, along with the decrypted file in your Apache/Nginx configuration.



Stuart is a software developer with a passion for Linux and open source projects.

comments powered by Disqus
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to and affiliated sites. More info.