Apple Mac OS X Server - Generate CSR

A Certificate Signing Request (CSR) is required when applying for an SSL certificate. This CSR (and private key) can be generated on your webserver. To request a wildcard certificate, fill in an * (asterisk) for the subdomain, for example *.sslcertificaten.nl (instead of www.sslcertificates.nl).

Creating the Private Key

  • Login to your server as root and open the Terminal application.
  • In prompt, type the following commands and press Enter after each line:
# cd
# openssl md5 * > rand.dat
# openssl genrsa -rand rand.dat -des 2048 > key.pem
  • Enter a password and press Enter. This pass phrase is created for the purpose of releasing the certificate key. You must use this line to activate SSL on your web server.
  • If the following folder does not yet exist on your server, please create it: /etc/httpd/ssl.key
  • Create a copy of the key.pem file that you just generated and name it server.key. Copy server.key to the ssl.key folder.

Creating the Certificate Signing Request (CSR)

Enter the following command and press Enter:

openssl req -new -key key.pem -out csr.pem
  • Please fill out the requested information:

Country: Your country
State: Your state (in full)
Locality: Your town
Organization Name: Company name
Organizational Unit: Your department (not obligatory)
Common Name: Your domain name (without https://)
E-mail Address: Your e-mail address

  • Your CSR will now be placed in the previously created csr.pem.

To order a certificate, copy the entire contents of the generated CSR, including the first and last line and all dashes.

Order certficate

SSLCheck

Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues