Generate a CSR for Apache / NEXEN

1- Create the private key

• Connect under root with ssh and go to the setup repertory of your Apache SSL server.
  

  cd /etc/apache-ssl

• The key is generated with the following command (define a name that suits you):
  

  openssl genrsa 2048 > www.example.com.key

• If you want to be protected by a password (that will be requested each time Apache will be restarted), add:
  
  "-des3"   after "genrsa").
• You can enhance the key quality by adding, after "genrsa",the following instructions:
  
  "-rand/var/log/messages".
  
  It enables random numbers to be used.

Make a backup copy of this .key file!

• Protect your file with:
  

  chmod 400 www.example.com.key

2- Create the certificate request (CSR)

• Use this command to generate the CSR:
  

  openssl req -new -key www.example.com.key > www.example.com.csr

  
  
• The system will ask you to fill in fields ; Fill them in by following the instructions given on the page Obtain a server certificate
  Country Name (2 letter code) []
  State or Province Name (full name) [Some-State]
  Locality Name (eg, city) []
  Organization Name (eg, company) []
  Organizational Unit Name (eg, section) []: (Do not fill - advised - or enter a generic term such as "IT Department".)
  Common Name (eg, YOUR name) []: (the name of the website you want to secure)
  Email Address []: (let blank)

3- Place an order request

• Use the appropriate link to place your order on our website and select ApacheSSL as software. See Access a, order form
• Copy/paste the content of the www.exemple.com.csr file in the form.