Generate CSR for Nginx Server

  • Apr 20, 2023

To generate a CSR (Certificate Signing Request) for an NGINX server, you will need to use the OpenSSL tool. The process typically involves the following steps:
  1. Log in to your server as the root user.
  2. Open the terminal and navigate to the directory where you want to store the CSR and private key files.
  3. Use the openssl command to generate a new private key and CSR:
    Copy code : openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.csr
    Replace "example.com" with your domain name.
  4. Fill in the required information when prompted, such as your organization name, common name (CN), country, and email address.
  5. When the process is complete, two files will be generated: example.com.key (private key) and example.com.csr (CSR).
  6. Submit the CSR file to a certificate authority (CA) to obtain a signed certificate.
  7. Once you have received the signed certificate from the CA, open the terminal and navigate to the directory where you stored the CSR and private key files.
  8. Use the following command to configure the Nginx server to use the new certificate and key:
    Copy code : sudo nginx -s reload
  9. Verify that the certificate is properly installed and configured by visiting your website and checking the SSL certificate details.


  10. You can also verify the certificate by running the following command:
    Copy code : openssl x509 -noout -text -in example.com.crt
    Replace "example.com.crt" with the name of your certificate file.

 


Sections