Create a CSR (Certificate Signing Request) with openssl

Reading Time: < 1 minute

To create a CSR you need to use two commands, but to do that, I suggest you to use a ConfigFile like the one below.

[ req ]
default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
prompt = no

[ req_distinguished_name ]
countryName = IT # Country Name (2 letter code)
stateOrProvinceName = Italy # State or Province Name (full name)
localityName = Milan # Locality Name (eg, city)
organizationName = Company s.r.l. # Organization Name (eg, company)
commonName = # Common Name (e.g. server FQDN or YOUR name)

[ req_ext ]
subjectAltName = @alt_names

DNS.1 =

When you have edited the file has your needs, just type this two commands:

Generate private key
openssl genrsa -out vcloud-private.key 2048

If you want to add a password the the keyfile use this command
openssl genrsa -aes128 -passout pass:passwd -out vcloud-private.key 2048

Request creation from existing keyfile using the config file previously created
openssl req -out vcloud.csr -key vcloud-private.key -config config-file.config -new

To check your cert you can user the following website SSLShopper

Check Out!