Generating a certificate signing request (CSR) with OpenSSL

   Certificate Signing Request is most often used to request a signed SSL certificate.

   The CSR contains your company and domain information, encrypted with a strong asymetric encryption key.

   To generate an CSR you can use OpenSSL:


       openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

   This one line generates both the encryption key and the CSR itself. As a result you’ll get a ‘.csr’ file which will be used for requesting the SSL certificate and a ‘.key’ file containing the encryption private key. 

   Important!: You will need the private key later, to install the SSL certificate on your web server. Keep it safe and do not send your private key to anyone.