The "C:\OpenSSL-Win32\bin" directory holds all the files necessary to generate new SSL certificate requests. Openssl.exe should be used to generate the following two files:
- rui.key - A 1024-bit RSA key that we will use to generate a new SSL Certificate request file
- rui.csr - The .csr file contains the certificate request information that can be submitted to a SSL Certificate Authority in order to issue a new SSL Certificate.
First, lets' create a new key file. At the command prompt, type "openssl genrsa 1024 > rui.key" and press enter.
A new file called “rui.key” has now been created under “C:\OpenSSL-Win32\bin”. This file can now be used to generate a new certificate request file.
Now that the rui.key file has been created by OpenSSL, issue the following command at the prompt in order to generate a new certificate request file: “openssl req –new –key rui.key > rui.csr”
OpenSSL will now request the following information that will be package into the certificate request file. This information will be used by the Certificate Authority to issue and sign a new SSL Certificate.
| Field Name | Field Description |
| Country Name (2 letter code) | Find your 2 letter country code here (Opens in a new window) |
| State or Province Name | State/Province/County of the Organisation |
| Locality Name (e.g. City) | City (e.g. London) |
| Organization Name | Enter your Company Name |
| Organizational Unit Name | Enter your Department Name |
| Common Name | Enter the FQDN of the server of which the certificate should be issued to |
| Email Address | Email Address of Requestor |
| A challenge password | Enter a Password |
| An optional company name | Normally left blank |
OpenSSL has now created a file called “rui.csr”. This file contains the request that needs to be submitted to a Certificate Authority in order to issue and sign a new SSL Certificate based on the information entered into the request.
Continue to Step 3: Submit the new Certificate Request to a Certificate Authority