All the actions below are performed in a Windows 10 PC running Linux subsystem (Ubuntu 20.04)
- Create a file named cert_config.cnf
- Paste the following code and change the fields
[ req ]
default_md = sha256
prompt = no
req_extensions = req_ext
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
commonName = example.com <- Change
countryName = AT <- Change
stateOrProvinceName = Vienna <- Change
localityName = Vienna <- Change
organizationName = Acme Inc. <- Change
organizationalUnitName = IT <- Change
emailAddress = change_me@email.com <- Change
[ req_ext ]
keyUsage=critical,digitalSignature,keyEncipherment
extendedKeyUsage=critical,serverAuth,clientAuth
subjectAltName = @alt_names
[ alt_names ]
DNS.0 = www.example.com <- Change
DNS.1 = example2.com <- Change
DNS.2 = www.example2.com <- Change- Put the file cert_config.cnf in a directory and run the following command
- You can change the RSA key length. (2048, 4096 etc)
- If you want to have a password protected private key, you can delete “-nodes”
- A password prompt will be displayed
openssl req -out cert_request.csr -newkey rsa:4096 -nodes -keyout privateKey.key -config cert_config.cnf
In the directory you run the above command you’ll have
- The Certificate Sign Request file named cert_request.csr
- The private key file name privateKey.key
If you’ve found my post helpful, I’d love it if you bought me a coffee! ☕😊
