4,461
edits
No edit summary |
|||
Line 67: | Line 67: | ||
2. Create an insecure key for CSR sourcing from the secure one | 2. Create an insecure key for CSR sourcing from the secure one | ||
< | <source lang="bash" highlight="1"> | ||
$ openssl rsa -in server.key -out server.key.insecure | $ openssl rsa -in server.key -out server.key.insecure | ||
Enter pass phrase for server.key: | Enter pass phrase for server.key: | ||
writing RSA key | writing RSA key | ||
</ | </source> | ||
3. Rename the keys | 3. Rename the keys | ||
Line 83: | Line 83: | ||
$ openssl req -new -key server.key -out server.csr | $ openssl req -new -key server.key -out server.csr | ||
</syntaxhighlight> | </syntaxhighlight> | ||
or | |||
<source lang="console" highlight="1"> | |||
$ openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr | |||
Generating a 2048 bit RSA private key | |||
.............+++ | |||
..................+++ | |||
writing new private key to 'server.key' | |||
----- | |||
You are about to be asked to enter information that will be incorporated | |||
into your certificate request. | |||
What you are about to enter is what is called a Distinguished Name or a DN. | |||
There are quite a few fields but you can leave some blank | |||
For some fields there will be a default value, | |||
If you enter '.', the field will be left blank. | |||
----- | |||
Country Name (2 letter code) [XX]:US | |||
State or Province Name (full name) []:New Mexico | |||
Locality Name (eg, city) [Default City]:Albuquerque | |||
Organization Name (eg, company) [Default Company Ltd]:The University of New Mexico | |||
Organizational Unit Name (eg, section) []:IT | |||
Common Name (eg, your name or your server's hostname) []:oraapi02d.unm.edu | |||
Email Address []: | |||
Please enter the following 'extra' attributes | |||
to be sent with your certificate request | |||
A challenge password []: | |||
An optional company name []: | |||
</source> | |||
== Let's Encrypt == | == Let's Encrypt == |