SSL Certificates Help

NGINX: Generate CSRs (Certificate Signing Requests)

Before you can request your SSL, you must generate a Certificate Signing Request (CSR) From your server. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate-request page.

To Generate NGINX CSRs

  1. Connect to your server via SSH (more info).
  2. Run the following command:
    openssl req -new -newkey rsa:2048 -nodes -keyout your domain name.key -out your domain name.csr

    Note: Replace your domain name with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.

  3. Enter the requested information:
    FieldWhat to enter...
    Common NameThe fully-qualified domain name, or URL, you want to secure.
    If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.
    OrganizationThe legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor's name.
    Organizational UnitIf applicable, enter the DBA (Doing Business As) name. It is not necessary to specify an organizational unit when generating a CSR.
    City or LocalityName of the city where your organization is registered/located. Do not abbreviate.
    State or ProvinceName of the state or province where your organization is located. Do not abbreviate.
    CountryThe two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.
    Passphrase(Optional): A password for the SSL. If you leave this field blank, there is no password for the SSL, which can expose you to additional risks.
  4. Open the CSR in a text editor and copy all of the text.
  5. Paste the full CSR into the SSL request area in your account.