Certificate Signing Request (CSR) on Linux

This is a quick overview of how I create CSRs for obtaining SSL certificates.

Create a directory for storing your SSL assets.

cd /etc/apache2 && mkdir ssl && cd ssl

Create a private key.

openssl genrsa -out jasonsnider.com.key 2048

Create a signing request.

openssl req -new -key jasonsnider.com.key -out jasonsnider.com.csr

For most certificate authorities (CA) (I user RapidSSL) you will sign the certificate with your two letter country code, your full state and city with no abreviations and your orginzations name. The "Organizational Unit Name" is prbably not going to be required and the "Common Name" is the domain you are requesting a certificate for. For many CAs a certificate created for www.example.com will cover example.com as well.

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Illinois
Locality Name (eg, city) []:Chicago
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Jason Snider   
Organizational Unit Name (eg, section) []:               
Common Name (e.g. server FQDN or YOUR name) []:www.jasonsnider.com
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []: