Barracuda's award-winning technical support is available 24x7 worldwide. Your time is valuable, which is why we will always connect you with a live person.

How can I generate a CSR using openssl?

Solution #00006246


1. Login to a computer (Linux/Windows) where openssl is installed.

2. Now we have to create a private key, using which we can generate the CSR. It is important to keep the private key safe, as this will be the key used for the certificate issued by the CA as well.

openssl genrsa -des3 -out private_key.pem 2048

As this command is started, it will ask for a "pass phrase" and its confirmation. This will be the password used to encrypt the private key.

Enter pass phrase for privkey.pem: secret
Verifying - Enter pass phrase for privkey.pem: secret

Now a private key will be generated with a name of private_key.pem.

3. Next, we can generate the CSR using following command:

openssl req -new -key private_key.pem -out cert.csr

This command will ask for the following details, which will have to filled out depending upon your requirements (example entries are in bold):

Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:CA
Locality Name (eg, city) [Newbury]:Campbell
Organization Name (eg, company) [My Company Ltd]:Barracuda Networks
Organizational Unit Name (eg, section) []:Support
Common Name (eg, your name or your server's hostname) []
Email Address []

These commands will generate a CSR file with the name cert.csr.

Link to this page: