ExtensionFile

Open CSR File

EN DE ES FR IT JP PT RU

A CSR file, according to its acronym, or Certificate Signing Request is a block of encrypted text that is normally generated on the server where the SSL certificate will be used, although it can also be generated externally.

The CSR contains information that will be finally included in the SSL certificate, such as your name or that of the company, the address, the country of residence or the common name (domain for which the SSL is generated), in addition to this data it will also include a public key that will also be included in your certificate.

The Certification Authority or Certificate Authority (CA), that is, the company that will generate your SSL will use this CSR to generate this SSL certificate.

How to generate a CSR?

Generating a CSR is very simple, they are generated using a public and a private key, thus, the public key is included in the CSR file, and the private key is used to digitally sign the CSR file.

The content of a CSR file is basically plain text with a series of values, some of which you will see below:

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = your_country
ST = your_state
L = your_city
OR = your_company_name
OU = IT Dept.
CN=yourdomainname.com
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = www.yourdomainname.com

In the data above, replace:

  • your_country - The country where your organization is registered.
  • your_state - The state/province where the company is registered.
  • your_city - The city where the company is registered.
  • your_company_name - The full name of your company.
  • yourdomainname.com - Your domain name. Note that you should replace it twice in the file.

After creating this file, in a txt file named config.txt, you must type the following command, via SSH

openssl req -new -out certificate.csr -newkey rsa:2048 -nodes -sha256 -keyout certificate.key -config config.txt

Two files are created in the process:

certificate.csr : this file contains the Certificate Signing Request.

certificate.key : this file contains the Private Key that you will need during the installation of the SSL certificate.

Security Issues

Deleting the file containing the private key from your account, once you have copied it to a safe place, is recommended for security reasons.

There are CSR file generators online, which you can also use:

How to open CSR files

Related extensions