1. Login to a computer (Linux/Windows) where openssl is installed.
2. Now we have to create a private key, using which we can generate the CSR. It is important to keep the private key safe, as this will be the key used for the certificate issued by the CA as well.
openssl genrsa -des3 -out private_key.pem 2048
As this command is started, it will ask for a "pass phrase" and its confirmation. This will be the password used to encrypt the private key.
Enter pass phrase for privkey.pem: secret Verifying - Enter pass phrase for privkey.pem: secret
Now a private key will be generated with a name of private_key.pem.
3. Next, we can generate the CSR using following command: openssl req -new -key private_key.pem -out cert.csr
This command will ask for the following details, which will have to filled out depending upon your requirements (example entries are in bold):
Country Name (2 letter code) [GB]:US State or Province Name (full name) [Berkshire]:CA Locality Name (eg, city) [Newbury]:Campbell Organization Name (eg, company) [My Company Ltd]:Barracuda Networks Organizational Unit Name (eg, section) :Support Common Name (eg, your name or your server's hostname) :www.test.barracuda.com Email Address :firstname.lastname@example.org
These commands will generate a CSR file with the name cert.csr.