How to create a CSR and Private Key

GENERATING PRIVATE KEY and CSR USING CPANEL

  1. Log in to your cPanel control panel. All the credentials you can find in the welcome email sent to you right after you’ve ordered a service.
  2. Click the “SSL/TLS” icon in the Security section.
  3. Click the “Generate, view, or delete SSL certificate signing requests” link.
  4. Fill in the form and click the “Generate” button. Make sure you use alphanumeric Latin characters only. All the required fields are marked with the asterisks (*).
  5. Done. The Certificate Signing Request (CSR) is formed now. Copy it and activate the SSL certificate in your client area. Then follow the Certificate Authority (CA) instructions.

Previously created Private Key и CSR will be always available in cPanel.

  1. Log in to your cPanel control panel. All the credentials you can find in the welcome email sent to you right after you’ve ordered a service.
  2. Click the “SSL/TLS” icon in the Security section.
  3. View the Private Key and click the “Generate, view, upload, or delete your private keys” link. Click the “Edit” link in front of the certificate’s main domain name.  A new page with a Private Key will load.
  4. View the CSR and click the “Generate, view, or delete SSL certificate signing requests” link under the Certificate Signing Requests (CSR) menu. Click the “Edit” link in front of the domain.  A new page with a CSR will load.

 

GENERATING PRIVATE KEY and CSR USING ISPMANAGER

  1. Log in to your ISPmanager control panel. All the credentials you can find in the welcome email sent to you right after you’ve ordered a service.
  2. Go to the “WWW” – “SSL certificates” section.
  3. Click the “CSR” button and then “Create”.
  4. Fill in the form and click the “Ok” button. Make sure you use alphanumeric Latin characters only. All the required fields are marked with the asterisks (*).
  5. The Certificate Signing Request (CSR) named as your domain will appear in the list. Doubleclick the certificate’s main domain name in the list to view SSL certificate signing requests and Private Key.

GENERATING PRIVATE KEY and CSR USING DirectAdmin

  1. Log in to your DirectAdmin control panel. All the credentials you can find in the welcome email sent to you right after you’ve ordered a service.
  2. Go to the “Domain Setup”. Click the domain name link in the list. Tick the Secure SSL checkbox and click the “Modify” button.
  3. Then go back to the dashboard and click the “SSL Certificates” icon.
  4. Go to the “Create A Certificate Request” tab page and fill in the required details. The provided information will be provided in the CSR code to the Certificate Authority. Make sure you use alphanumeric Latin characters only. Use an ISO Alpha-2 country code (two-letter suffixes) in the “Country” field (https://en.wikipedia.org/wiki/ISO_3166-1). After all the details are filled in, click “Save” at the bottom of the page.
  5. After that, DirectAdmin will show the CSR code and the private key. You can use the CSR code to activate your SSL certificate. Copy it with the header and footer (—–BEGIN/END CERTIFICATE REQUEST—–). Make sure you backed it up in a separate file because after you close the page, the CSR will not be available anymore.

PRIVATE KEY AND CSR GENERATION USING THE TERMINAL

  1. Open command line (terminal).
  2. Generate the Private Key using the command:
    openssl genrsa -out private.key 2048
  3. Generate CSR using the command:
    openssl req -new -key private.key -out your_domain.csr -sha256
  4. Fill in the data using alphanumeric Latin characters only:
    • Country Name (2 letter code)
    • State or Province Name (full name) [Some-State]
    • Locality Name (eg, city)
    • Organization Name (eg, company) [Internet Widgits Pty Ltd]
    • Common Name (e.g. server FQDN or YOUR name)
    • Email Address
  5. Private.key and your_domain.csr files are saved to your user folder now.

IMPORTANT NOTE: Download and save the generated private.key and your_domain.csr files. Repeating the generate command will not create the same key – it will be a different key, and you will need to generate a CSR for it again and re-issue the certificate.

 

Rate this article
Share this article
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
In this article