Do not use any of the following characters in your Certificate Signing Request (CSR): > < ! @ # $ % ^ * ( ) ~ ? / \.
In a terminal window, begin the CSR creation by entering the following command: #openssl req -new -key /path/to/your/apacheconf/ssl.key servername.key -out /path/to/your/apacheconf/ssl.csr/servername.csr
The rest of the CSR creation is interactive. You must supply your company information as accurately as possible to ensure successful submission of your CSR.
Enter PEM pass
phrase:
Enter the passphrase assigned to servername.pem as performed in the previous
step.
Country Name
(2 letter code) [AU]:
Enter the corresponding ISO3166 country code for the country.
State or
Province Name
(full name) [Some-State]:
Enter the corresponding state or province, without abbreviations.
Locality Name
(eg, city):
Supply the city or locality name.
Organization
Name
(eg, company) [ipsCA.]:
Supply the name of your company or organization. This information should reflect
the officially registered name of your company or organization.
This organization must own the domain name that appears in Common Name (CN) of your web site.
Organizational
Unit Name
(eg, section):
If relevant, supply the name of the division or department
Common Name
(eg, your web server's hostname):
Supply the Common Name (CN) of your web site in the field provided. This name
must be identical to the fully qualified domain name of the web site for which
you are requesting a certificate.
If the web
site name does not match the common name in the certificate, some browsers will
refuse to establish a secure connection with your site.
Do not specify the protocol (http://), any port numbers or pathnames in the
Common Name (CN).
Do not use wildcards such as * or ?.
Email Address
[ ] :
Supply your email address.
Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:
DO NOT USE.
An optional company name []:
DO NOT USE.
The "servername.csr" file will now contain the CSR cipher text that is needed during the enrollment process.
Creation of the Private Key and Certificate Signing Request is now complete