Prerequisites
Be ready to give precise details during the certificate signing request (CSR) generation. This involves information such as country name, state or province name, locality name, organization name, etc.
Open the OpenSSL Command Prompt
The OpenSSL command prompt is a specialized tool for cryptographic operations. Look for it on your desktop. If it’s not there, you may need to install OpenSSL.
Specify Document Folder Path
Before generating any keys or requests, we need to decide where the generated files will be saved. Use the cd command followed by the path to your chosen folder. For example, cd /Documents/SSLKeys. This sets the working directory for OpenSSL.
Generate a Private Key
To establish secure communication, we need a private key. Type the command openssl genrsa -out 4096.key 4096 and press “Enter”. This creates a secure private key with a bit length of 4096.
- Think of the private key like a secret code; it’s unique to your system. Do not share it with anyone.
- The generated file, “4096.key”, is now stored in your specified folder.
Generate a Certificate Signing Request (CSR)
Now, we need to create a Certificate Signing Request (CSR). Type openssl req -new -key 4096.key -out 4096.csr and press “Enter”.
Enter CSR Information
You’ll be prompted to provide specific information for your certificate. Follow the prompts and provide the required details:
This CSR is like a formal request for a digital certificate. It contains information about your identity. The file “4096.csr” is created in your specified folder.
Save and Secure the Generated Files
- You’ve generated a private key and CSR. These files, “4096.key” and “4096.csr”, are crucial for securing communications and obtaining a digital certificate.
- Keep the private key confidential and secure. Share the CSR as needed; it doesn’t compromise your security.
By following these detailed steps, you’ve successfully navigated the OpenSSL command prompt, generated a private key, and created a Certificate Signing Request.
