First select a directory on your web server or create a new directory in which the new files to be created can be stored.

Creating the private key

For RSA key material (currently still standard):

openssl genrsa -out commonname.key 4096

For ECC key material:

openssl ecparam -out commonname.key -name prime256v1 -genkey

Now generate the Certificate Signing Request (CSR)

With RSA / ECC key:

openssl req -utf8 -sha256 -new -key commonname.key -out commonname.csr

The following data is now requested:

  • Country Name: DE (for Germany)
  • State or Province Name: Hessen (please no abbreviations)
  • Locality Name: Giessen (your city)
  • Organization Name: CertCenter AG (full company name, if available)
  • Organization Unit Name: IT (Department, optional)
  • Common Name: www.certcenter.de (full hostname or *.domain.de for wildcards)
  • Email Address: [email protected] (email address of a contact person)
  • A challange password: (please leave empty, otherwise your webserver may not start automatically)

If required, you can now generate a self-signed certificate:

openssl x509 -req -days 60 -in commonname.csr -signkey commonname.key -out commonname.crt

Copy CSR for Certificate Request

cat commonname.csr


Copy the output to the clipboard and paste the CSR into the input box of the CSR field in the ordering process.

Did this answer your question?