To create a private key called myserver.uwaterloo.ca.key using OpenSSL, use the command:
openssl genrsa -out myserver.uwaterloo.ca.key 2048
Note When using the commands in the examples below, use the name of your own server, instead of myserver.uwaterloo.ca.
To create a Certificate Signing Request (CSR) called myserver.uwaterloo.ca.csr with the previously generated private key myserver.uwaterloo.ca.key, using OpenSSL, use the command:
openssl req -new -key myserver.uwaterloo.ca.key -out myserver.uwaterloo.ca.csr
Use the name of your own server, instead of myserver.uwaterloo.ca, to name the files. The required University of Waterloo location fields can be specified on the command line, as in this example:
openssl req -new -key myserver.uwaterloo.ca.key -out myserver.uwaterloo.ca.csr -subj /C=CA/ST=Ontario/L=Waterloo/O=University\ of\ Waterloo/CN=myserver.uwaterloo.ca
The CN field identifies your server, and must contain your full server name.
Contact the UW/IST Certificate Authority.
If you’d like to share any feedback about this article, please let us know.