I needed to set up HTTPS enabled website in a secured business environment and a part of the process is to submit a Certificate Signing Request (CSR) to Certificate Authority (CA).

HTTPS is SSL/TLS layer that secure communication between client and server on top of HTTP. If you’d like to know more about how HTTPS works, Robert Heaton wrote a good article about SSL/TLS over HTTP right here.

To generate the .csr file I needed a private key, and there are a few ways I can generate the private key with. I can generate the private key on its own, along with the public key set or altogether with both public key and the .csr file. OpenSSL is a handy CLI tool that can generate these files.

Here is below some handy OpenSSL commands that I used to generate .csr files.

# Generate CSR file and private key with 2048 bit encryption
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout private.key

# Generate CSR file with both private and public key
openssl req -out CSR.csr -key private.key -new

# Verify your CSR file
openssl req -text -noout -verify -in CSR.csr

# Validate your CSR file against private key
openssl req -noout -modulus -in CSR.csr | openssl md5