Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (83)
EC Keys (2415)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6550)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5284)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "req -newkey" - Generate Private Key and CSR
How to generate a new private key with a public key and generate a CSR (Certificate Signing Request) using a single OpenSSL "req" command?
✍: FYIcenter.com
If you do not have a pair of private key and public key, and you want to generate CSR (Certificate Signing Request) to represent your personal identity or server identity, you can use the OpenSSL "req -newkey" command as shown below. The same command will generate a pair of RSA private key and public key for you too.
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -newkey rsa:1024 -keyout rsa_test.key -out rsa_test.csr Generating a 1024 bit RSA private key ......................................................++++++ ...................++++++ writing new private key to 'rsa_test.key' Enter PEM pass phrase: fyicenter Verifying - Enter PEM pass phrase: fyicenter ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:us State or Province Name (full name) [Some-State]:NY Locality Name (eg, city) []:New York Organization Name (eg, company) [Internet Widgits Pty Ltd]:Donald Inc. Organizational Unit Name (eg, section) []:IT Common Name (e.g. server FQDN or YOUR name) []:www.donald.inc Email Address []:john@donald.inc Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:fyicenter An optional company name []:fyicenter OpenSSL> exit C:\Users\fyicenter>type rsa_test.csr -----BEGIN CERTIFICATE REQUEST----- MIIB/jCCAWcCAQAwgYkxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJOWTERMA8GA1UE BwwITmV3IFlvcmsxFDASBgNVBAoMC0RvbmFsZCBJbmMuMQswCQYDVQQLDAJJVDEX MBUGA1UEAwwOd3d3LmRvbmFsZC5pbmMxHjAcBgkqhkiG9w0BCQEWD2pvaG5AZG9u YWxkLmluYzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxstNNkFnj8N+LbC/ yXno7NX/xaNcwR5rIaRU6EklcnVO9IzX9TiF0SSQpIjemUmFuFvBxO8QXuigz1Ht gIV1dBv19EoUcpRS8nRCXuh7iK3XJ5oMKcn8Z0IFwACqHhdJQTE2lhySla72Gh79 6MtLXlr9CudiJkWYqu9PNpVscyECAwEAAaA0MBgGCSqGSIb3DQEJAjELDAlmeWlj ZW50ZXIwGAYJKoZIhvcNAQkHMQsMCWZ5aWNlbnRlcjANBgkqhkiG9w0BAQsFAAOB gQAfIdsEkiZuitWKvGk4+/t3jRpc3rkluuxuQewfTziQaRX2cGjRQmoQHJ4r3K3r g5boOB2Z/cx5K9wlU1r5uIA2prrOQra638X+FE8hgpsmFRqsStQnhU8X4l0oRwpz RNhRnOfk3ME31TuuGTiy5Uf/BlGnQCI63b3D4GIQjxS4Dw== -----END CERTIFICATE REQUEST-----
Options used in this "req" command are:
⇒ OpenSSL "req -new -x509" - Generate Self-Signed Certificate
2016-11-12, 2544👍, 0💬
Popular Posts:
Certificate Summary: Subject: *.taobao.com Issuer: VeriSign Class 3 Secure Server CA - G3 Expiration...
Certificate summary - Owner: *.examiner.com, Domain Control Validated, *.examiner.com Issuer: SERIAL...
Certificate summary - Owner: www.hdfcbank.com, IT, Hdfc Bank Ltd, STREET="Lvl6,Lodha i-Think Techno ...
Certificate summary - Owner: www.taringa.net, Domain Validated, Thawte SSL123 certificate, Go to htt...
How to see more security related information on View Page Info in Google Chrome 29? To see more secu...