wiki:NGINX Generate SSL Certificate

Version 6 (modified by saj.issa, 8 years ago) ( diff )

--

This website details the process of creating a certificate

https://www.digicert.com/csr-creation-apache.htm

  1. On the host VM run the following command :

sudo openssl req -new -newkey rsa:2048 -sha256 -nodes -keyout briccs.xuhl-tr.nhs.uk.key -out briccs.xuhl-tr.nhs.uk.csr

Ensure that the prefix for the .key and .csr is you domain name.

This command requires the following user input :

Generating a 2048 bit RSA private key

........+++

.................................+++

writing new private key to 'uhlbriccsext01.xuhl-tr.nhs.uk.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [AU]:'''UK'''

State or Province Name (full name) [Some-State]:Leicestershire

Locality Name (eg, city) []:Leicester

Organization Name (eg, company) [Internet Widgits Pty Ltd]:University Hospitals of Leicester NHS Trust

Organizational Unit Name (eg, section) []:Cardiovascular

Common Name (e.g. server FQDN or YOUR name) []:uhlbriccsext01.xuhl-tr.nhs.uk

Email Address []:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []: Pa55word

An optional company name []:

This command generates a .key and .csr

uhlbriccsext01.xuhl-tr.nhs.uk

sudo openssl req -new -newkey rsa:2048 -sha256 -nodes -keyout uhlbriccsext01.xuhl-tr.nhs.uk.key -out uhlbriccsext01.xuhl-tr.nhs.uk.csr

send text of csr to Robert.Hallett@…

ask him to create a base46 cer which is in text format and not binary

add the file to this directory /share/cert/live/

Note: See TracWiki for help on using the wiki.