Differences

This shows you the differences between two versions of the page.

--- cloudappliance:createcsr [2024_03_18 19:54] – steven
+++ cloudappliance:createcsr [2024_03_18 19:54] (current) – removed steven
@@ Line 1: / Line 1: @@
-====== Creating a CSR (Certificate Signing Request) ======
-Log in as smeconfiguser then become root
-Generate a config file we'll use, update the <server fqdn> with the URL you'd like to use for access.
-vim san.cnf
-    [ req ]
-    default_bits       = 2048
-    distinguished_name = req_distinguished_name
-    req_extensions     = req_ext
-    [ req_distinguished_name ]
-    countryName                 = Country Name (2 letter code)
-    stateOrProvinceName         = State or Province Name (full name)
-    localityName               = Locality Name (eg, city)
-    organizationName           = Organization Name (eg, company)
-    commonName                 = Common Name (POC Server FQDN)
-    [ req_ext ]
-    subjectAltName = @alt_names
-    [alt_names]
-    DNS.1   = <server fqdn>
-Next we'll use this config file and generate a key and csr, please fill out the releavnt locality info during this setup:
-   openssl req -out server.csr -newkey rsa:2048 -nodes -keyout private.key -config san.cnf
-This will generate 2 files:
-    private.key
-    server.csr
-Copy the file private.key to the private certs folder
-    cp private.key /etc/pki/tls/private/
-Ensure the file is in the proper location before deleting it:
-    cat /etc/pki/tls/private/private.key
-    rm private.key
-Send the CSR to the Certificate Authority of choice
-    cat  server.csr
-The certificate authority will reply with a signed public key and intermediary certs.