How to Create a CSR with Nginx using OpenSSL

Creating a CSR to enable you to get an SSL certificate cannot be easier on Nginx especially when you use OpenSSL.

SSH onto your Linux box as usual.

Type in:

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

You will be greeted with output like the following, what you need to type in is highlighted in bold, finish each line by pressing return.

Generating a 2048 bit RSA private key
…………………………..+++
…………………………………+++
writing new private key to ‘server.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]:UK
State or Province Name (full name) [Some-State]:Some County
Locality Name (eg, city) []:Some City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Gyp the Cat dot Com
Organizational Unit Name (eg, section) []:Website
Common Name (e.g. server FQDN or YOUR name) []:www.gypthecat.com
Email Address []:[email protected]

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

If you’ve got a wild care SSL cert you can use *.gypthecat.com in the Common Name section.

We’ll probably need to paste the CSR into a web form from your SSL provider.

more server.csr

Copy and paste the entire output (including the —– lines) into the necessary box.  There you go, all done!

If you want to read what to do with the SSL certificate you get back read on how to get your Nginx SSL certificate functioning.