tsoHost Help Centre

Table of Contents

NGINX: Generate CSRs (Certificate Signing Requests)

Updated Apr 27th, 2021 at 14:47 BST

Before you can request your SSL, you must generate a Certificate Signing Request (CSR) from your server. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate request page.

To Generate NGINX CSRs #

  1. Connect to your server via SSH
  2. Run the following command:

    openssl req -new -newkey rsa:2048 -nodes -keyout your domain name.key -out your domain name.csr

  3. Note: Replace your domain name with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.
  4. Enter the requested information:
  5. FieldWhat to enter...
    Common NameThe fully-qualified domain name, or URL, you want to secure. If you are requesting a Wildcard certificate, addan asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com. .
    OrganizationThe legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor's name.
    Organization UnitIf applicable, enter the DBA (Doing Business As)name.
    City or LocalityName of the city where your organization is registered/located. Do not abbreviate.
    State or ProvinceName of the state or province where your organization is located. Do not abbreviate.
    CountyThe two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.
    Passphrase(Optional): A password for the SSL. If you leavethis field blank, there is no password for the SSL, which can expose you to additional risks.
  6. Open the CSR in a text editor and copy all the text.
  7. Paste the full CSR into the SSL request area in your account.