I can never remember how to generate a certificate request (CSR) when doing a one-off certificate. I use a script for my normal certs at work but sometimes I want to make one for personal use or a self signed cert.
Here is how to create a CSR for a site called boxtricks.com
openssl req -out boxtricks.com.csr -new -newkey rsa:2048 -nodes -keyout boxtricks.com.key
When you run that, fill it out something like this:
Generating a 2048 bit RSA private key
...................+++
............................................................................................................+++
writing new private key to 'boxtricks.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Wisconsin
Locality Name (eg, city) []:Watertown
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Boxtricks
Organizational Unit Name (eg, section) []:Web Hosting
Common Name (eg, YOUR name) []:www.boxtricks.com
Email Address []:[email protected]
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []: