Tsohost Help Centre

Table of Contents

NGINX: Generate CSRs (Certificate Signing Requests)

Updated Dec 10th, 2020 at 18:07 GMT

Before you can request your SSL, you must generate a Certificate Signing Request (CSR) from your server. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate-request page.

To Generate NGINX CSRs #

  1. Connect to your server via SSH
  2. Run the following command:

    openssl req -new -newkey rsa:2048 -nodes -keyout your domain name.key -out your domain name.csr

  3. Note: Replace your domain name with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.
  4. Enter the requested information:
  5. FieldWhat to enter...
    Common NameThe fully-qualified domain name, or URL, youwant to secure. If you are requesting a Wildcard certificate, addan asterisk (*) to the left of the common namewhere you want the wildcard, forexample *.coolexample.com. .
    OrganizationThe legally-registered name for your business. Ifyou are enrolling as an individual, enter thecertificate requestor's name.
    Organization UnitIf applicable, enter the DBA (Doing Business As)name..
    City or LocalityName of the city where your organization isregistered/located. Do not abbreviate.
    State or ProvinceName of the state or province where yourorganization is located. Do not abbreviate.
    CountyThe two-letter International Organization forStandardization (ISO) format country code forwhere your organization is legally registered.
    Passphrase(Optional): A password for the SSL. If you leavethis field blank, there is no password for the SSL,which can expose you to additional risks.
  6. Open the CSR in a text editor and copy all the text.
  7. Paste the full CSR into the SSL request area in your account.