Table of Contents
NGINX: Generate CSRs (Certificate Signing Requests)
Updated Apr 27th, 2021 at 14:47 BST
Before you can request your SSL, you must generate a Certificate Signing Request (CSR) from your server. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate request page.
To Generate NGINX CSRs #
- Connect to your server via SSH
Run the following command:
openssl req -new -newkey rsa:2048 -nodes -keyout your domain name.key -out your domain name.csr
- Note: Replace your domain name with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.
- Enter the requested information:
- Open the CSR in a text editor and copy all the text.
- Paste the full CSR into the SSL request area in your account.
| Field | What to enter... |
|---|---|
| Common Name | The fully-qualified domain name, or URL, you want to secure. If you are requesting a Wildcard certificate, addan asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com. . |
| Organization | The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor's name. |
| Organization Unit | If applicable, enter the DBA (Doing Business As)name. |
| City or Locality | Name of the city where your organization is registered/located. Do not abbreviate. |
| State or Province | Name of the state or province where your organization is located. Do not abbreviate. |
| County | The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered. |
| Passphrase | (Optional): A password for the SSL. If you leavethis field blank, there is no password for the SSL, which can expose you to additional risks. |