Step:1 Generate key for Apache in linux.
[root@hostname test]# openssl genrsa -out postrga.key 2048
Generating RSA private key, 2048 bit long modulus
.............................+++
..............................................................+++
e is 65537 (0x10001)
[root@hostname test]# ls
postrga.key
Step:2 Generate csr from postrga key.
[root@hostname test]# openssl req -new -key postrga.key -out postrga.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:QA
State or Province Name (full name) []:DOHA
Locality Name (eg, city) [Default City]:Doha
Organization Name (eg, company) [Default Company Ltd]:B bank
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:hostname
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:welcome123
An optional company name []:NA
[root@hostname test]# ls -lrt
total 8
-rw-r-----. 1 root root 1679 Oct 5 09:22 postrga.key
-rw-r-----. 1 root root 1058 Oct 5 09:25 postrga.csr
Step:3 Validate key.
[root@hostname test]# openssl rsa -in postrga.key -check
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAzIXG3I02jOPsGdlqMj1h2U3/vCZoXfEdPY/0uZpM5FHjuo38
0UggfO88ZtMECgsPwEy2mmJ9w55S+/aJoojwdDyZgT2VOPIwRsheTh0zD9s374Y8
ZSTbmCSVIPeunw6N5iUW7qYH99VgLPo87hwbJauetDRxDF9A1OT0lTCxI/dO3dHb
/mYGdc1tbmpifENrgYZJmHKRHiKWVNDrzI9FyyjIUF2ziCFXQf0c+ZaIT0zj7L5H
Uv0rvJkFKfc6QQdbfryOtqhTVIpE81TQ9ygw3M0pARReo4pj4VyYWvw5/orCpmQ0
kE5w2j2aAkLbieWpMut4MwtEo0MzaePiDsZ7qwIDAQABAoIBABdEoPs2lZ4x0Aqg
0ZQlp5wxY4bkV7tYUxtN5Wm4REc1idMPlFO7APc1wIlyOGNsHr6h+6RU0DoRKR/B
TKdRLQoMWup5NyDjbNqgsRnx+H01U4fMndJj/xewEcdOZm9yGHK2hYVhHkbz350+
WvA8Alqmy8d0r+fYbmfKJIlUoNKWfC7lVTndg6WWCVqhJ/Dtgd8zHf9c1eH2XcOM
NNTTlLhpOc/TKyCeQChpbUeqLm71eJuMOzKHo71ZhuSUBWmQvnTZ3XgvRpJ/2nt9
ut5TTzz0XBS/x/UMoTOVBeCuAp3IiXfTWHQZ2tEeKHVOb/HIGf5To7XHydyT++PI
kgoLmgECgYEA6a2yQErTjLn//jkXpilC0EuDJPp1o92fstLPDokRqJJKLrf06Q5A
Adp5oEImjfqIxu0JiB6q5duHL0NxYF5Zi0XCdjYL4+NZq2GQMwz02VX61A9jQ6dj
oe2Y/GQp6HNFPJRsEH7PHDrJ7r7pIiazS2yCYsDaNWY/d3KbdibvrfMCgYEA4A8c
K6kKUhLRUPiIe/pecziWd3wa9hU9reFAwKlh0YxxM6dYe8nDpEhrq1/VZj2PHYNi
qUXNqbDR9u1KLXhxG9d0hcD/XLP9nQZ/up3nEKaPjKpq5qFZohUPpRt+tAXxxch3
CFhI+0Aa5NOYK6VkgLaPeAG6aS7OJ+wkg3ApEWkCgYEAq/nRfc+T8bXR2N9bsEYd
jf6E/en2OisZJRpQmHn4LP+86LUp4XtDUBnh+Te1+DeyAfThVvR7Ab+WtgoEns/R
RtaIT0dnaMghbifXYDrg2DKW7wqEG35NrRaXyOhOj2yGQBdbkKhC9Juvka2fFis1
OQUa0GLuNO6TNu15zHLLYlECgYEA0/r3uAbyELxk9Kpu1n0FpxU+pkTwbSmjdULL
tHuMZGjvIOOOv28gfelWlIjSqSxMnquTSHsWHRmBTJErwOFWgfTR9UmnT9mqdEmV
xsVlu0caQQdqpFC7MLGkX50nvsJw/6Ktm2OLiMoZp6zZJ1IPSAdwrSVVa/YwbWzp
DsGq2SECgYA3Q6U0ZQAyUZyYUVXXr1a6O1rtdLcZFQ2GhHTOEMnS10LsHULH20Oz
6iUsqs7Pq/cp24QJPix/9TJUGILJUDRKF9MLIHEwa8QgI1nZPCHUGfbvd6GM3bPi
Ox1ESgJahisOE+6uE2Y6kHbr3C7X/UF8sSZ3SGYy/VRybDT5DiQjCw==
-----END RSA PRIVATE KEY-----
Step: 4 Validate generate CSR.
[root@hostname test]# openssl req -text -noout -verify -in postrga.csr
verify OK
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=QA, ST=DOHA, L=Doha, O=B bank, OU=IT, CN=hostname
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cc:85:c6:dc:8d:36:8c:e3:ec:19:d9:6a:32:3d:
61:d9:4d:ff:bc:26:68:5d:f1:1d:3d:8f:f4:b9:9a:
4c:e4:51:e3:ba:8d:fc:d1:48:20:7c:ef:3c:66:d3:
04:0a:0b:0f:c0:4c:b6:9a:62:7d:c3:9e:52:fb:f6:
89:a2:88:f0:74:3c:99:81:3d:95:38:f2:30:46:c8:
5e:4e:1d:33:0f:db:37:ef:86:3c:65:24:db:98:24:
95:20:f7:ae:9f:0e:8d:e6:25:16:ee:a6:07:f7:d5:
60:2c:fa:3c:ee:1c:1b:25:ab:9e:b4:34:71:0c:5f:
40:d4:e4:f4:95:30:b1:23:f7:4e:dd:d1:db:fe:66:
06:75:cd:6d:6e:6a:62:7c:43:6b:81:86:49:98:72:
91:1e:22:96:54:d0:eb:cc:8f:45:cb:28:c8:50:5d:
b3:88:21:57:41:fd:1c:f9:96:88:4f:4c:e3:ec:be:
47:52:fd:2b:bc:99:05:29:f7:3a:41:07:5b:7e:bc:
8e:b6:a8:53:54:8a:44:f3:54:d0:f7:28:30:dc:cd:
29:01:14:5e:a3:8a:63:e1:5c:98:5a:fc:39:fe:8a:
c2:a6:64:34:90:4e:70:da:3d:9a:02:42:db:89:e5:
a9:32:eb:78:33:0b:44:a3:43:33:69:e3:e2:0e:c6:
7b:ab
Exponent: 65537 (0x10001)
Attributes:
unstructuredName :NA
challengePassword :welcome123
Signature Algorithm: sha256WithRSAEncryption
0a:65:b6:45:ee:16:2d:f7:c4:8a:9c:22:56:a8:f9:dd:01:34:
dc:dd:25:ba:91:7d:21:b1:d9:40:02:a7:9d:53:17:30:c6:06:
36:0e:6f:ea:ab:04:47:69:ac:9e:a3:4f:0a:38:59:75:2f:95:
62:a1:b2:eb:85:73:94:c2:55:c8:47:ea:c8:97:a7:a0:28:69:
ff:e3:7e:e8:36:0b:01:f4:b7:46:97:76:b1:2a:14:8e:46:16:
66:2b:f1:2e:53:a2:5a:11:c5:3c:25:03:dc:aa:fd:d3:a7:96:
b8:97:b9:6d:36:ff:ef:72:83:58:24:e4:05:97:8c:fa:87:22:
12:ca:e1:c6:f4:7d:40:dc:c3:1b:59:0e:60:7f:cd:87:af:4b:
38:59:a6:50:5b:7d:bf:d6:65:97:d3:e2:30:6c:ab:d8:ee:cf:
b8:c2:ca:9a:8d:2f:68:fa:05:92:17:6d:8e:67:7b:c3:d0:8b:
57:f9:7f:c6:44:5d:12:4a:27:a2:c7:4f:b0:2e:43:df:f1:d4:
c9:94:87:e9:5e:21:82:ed:d7:56:1d:5d:bb:70:81:72:f8:b6:
f5:ad:8b:d1:2d:f5:38:68:33:b6:2e:0c:2c:33:f1:80:44:46:
0c:8b:f0:5b:52:91:53:81:9d:74:f5:5c:7d:d6:14:af:3c:18:
8d:55:18:a9
[root@hostname test]# ls
postrga.csr postrga.key
Step: 5 Send csr file to Digicert authority to get the cert file.
Step: 6 Copy all the files in below path which is given by Digicert authority.
[root@hostname test]# ls /root/test/
postrga.csr postrga.key
Step:6 Now you can configure this path /root/test/ in ssl.
