The "C:\OpenSSL-Win32\bin" directory holds all the files necessary to generate new SSL certificate requests. Openssl.exe should be used to generate the following two files:
- rui.key - A 1024-bit RSA key that we will use to generate a new SSL Certificate request file
- rui.csr - The .csr file contains the certificate request information that can be submitted to a SSL Certificate Authority in order to issue a new SSL Certificate.
First, lets' create a new key file. At the command prompt, type "openssl genrsa 1024 > rui.key" and press enter.
A new file called “rui.key” has now been created under “C:\OpenSSL-Win32\bin”. This file can now be used to generate a new certificate request file.
Now that the rui.key file has been created by OpenSSL, issue the following command at the prompt in order to generate a new certificate request file: “openssl req –new –key rui.key > rui.csr”
OpenSSL will now request the following information that will be package into the certificate request file. This information will be used by the Certificate Authority to issue and sign a new SSL Certificate.
|Field Name||Field Description|
|Country Name (2 letter code)||Find your 2 letter country code here (Opens in a new window)|
|State or Province Name||State/Province/County of the Organisation|
|Locality Name (e.g. City)||City (e.g. London)|
|Organization Name||Enter your Company Name|
|Organizational Unit Name||Enter your Department Name|
|Common Name||Enter the FQDN of the server of which the certificate should be issued to|
|Email Address||Email Address of Requestor|
|A challenge password||Enter a Password|
|An optional company name||Normally left blank|
OpenSSL has now created a file called “rui.csr”. This file contains the request that needs to be submitted to a Certificate Authority in order to issue and sign a new SSL Certificate based on the information entered into the request.