How to generate CSR for SSL certificate

To generate a CSR (Certificate Signing Request) for an SSL certificate, follow the steps below, depending on your server or system environment. The CSR is a critical component used to apply for SSL certificates from a Certificate Authority (CA). It includes your public key and identifying information.

🔐 General Steps to Generate a CSR Using OpenSSL (Linux/macOS/Windows with OpenSSL)

1. Install OpenSSL (if not already installed)

   • On Linux/macOS: Typically pre-installed.

   • On Windows: Install from OpenSSL for Windows

2. Generate a Private Key

3. Create the CSR 

1. You will be prompted to enter details:

   • Country Name (e.g., US)

   • State or Province

   • Locality (City)

   • Organization Name

   • Organizational Unit

   • Common Name (e.g., www.yourdomain.com)

   • Email Address

2. Submit the CSR to your chosen Certificate Authority to get the SSL certificate.

🖥️ For Windows Server (IIS)

1. Open IIS Manager.

2. In the Connections panel, select the server.

3. Double-click Server Certificates.

4. In the Actions panel, click Create Certificate Request.

5. Enter the requested info in the Distinguished Name Properties:

   • Common Name, Organization, City, etc.

6. Choose Cryptographic Service Provider Properties (default is fine).

7. Save the .req file which is your CSR.

8. Use this CSR when ordering your SSL certificate.

🛠️ CSR Generation Notes

• Always keep the private key (yourdomain.key) secure and never share it.

• The Common Name should match the domain name for which you are requesting the SSL.

• Most modern SSL providers require a key length of 2048 bits or more.

If you're setting this up on a server for RChilli products or services and need assistance, please contact support@rchilli.com for environment-specific guidance.