This article has not been completed yet. However, it may already contain helpful Information and therefore it has been published at this stage.
|Common Name (CN)||The Fully Qualified Domain Name (FQDN). e.g. *.example.com, www.example.com, and mail.example.com.|
|Organization (O)||The legal name of your organization. Do not abbreviate and include any suffixes, such as Inc., Corp., or LLC.|
|Organizational Unit (OU)||The division of your organization handling the certificate.|
|City/Locality (L)||The city where your organization is located. This shouldn’t be abbreviated.|
|State/County/Region (S)||The state/region where your organization is located. This shouldn’t be abbreviated.|
|Country (C)||The two-letter code for the country where your organization is located.|
|Email Address||An email address used to contact your organization.|
# Checking Version openssl version -a
# Installing OpenSSL sudo apt install openssl
# CSR - Creation sudo openssl req -new -newkey rsa:2048 -nodes -keyout <key-file>.key -out <csr-file>.csr # The command creats two files. (1) .key and (2) .cer. # Remove "-nodes" in a production environment. It avoids key-encryption # which is not recommended.
# CSR - Creation based on a Custom Config-File sudo openssl req -new -newkey rsa:2048 -nodes -keyout <key-file>.key -out <csr-file>.csr -config server_cert.cnf # The command creats two files. (1) .key and (2) .cer. # Remove "-nodes" in a production environment. It avoids key-encryption # which is not recommended.
# Config-File Creation nano server_cert.cnf
# Content server_cert.cnf [req_distinguished_name] countryName = Country Name (2 letter code) stateOrProvinceName = State or Province Name (full name) localityName = Locality Name (eg, city) organizationalUnitName = Organizational Unit Name (eg, section) commonName = Common Name (eg, your name or your server\'s hostname) emailAddress = Email Address [req_ext] subjectAltName = @alt_names [alt_names] IP.1 = <IP> DNS.1 = <FQDN>
# CSR - Verification openssl req -text -in <csr-file-name>.csr -noout -verify