OpenSSL Example

  • To create a private key called myserver.uwaterloo.ca.key using OpenSSL, use the command:

openssl genrsa -out myserver.uwaterloo.ca.key 2048

 

Note When using the commands in the examples below, use the name of your own server, instead of myserver.uwaterloo.ca.

Certificate Signing Request example

  • To create a Certificate Signing Request (CSR) called myserver.uwaterloo.ca.csr with the previously generated private key myserver.uwaterloo.ca.key, using OpenSSL, use the command:

openssl req -new -key myserver.uwaterloo.ca.key -out myserver.uwaterloo.ca.csr

  • Use the name of your own server, instead of myserver.uwaterloo.ca, to name the files. The required University of Waterloo location fields can be specified on the command line, as in this example:

openssl req -new -key myserver.uwaterloo.ca.key -out myserver.uwaterloo.ca.csr -subj /C=CA/ST=Ontario/L=Waterloo/O=University\ of\ Waterloo/CN=myserver.uwaterloo.ca

  • The CN field identifies your server, and must contain your full server name.

 

Need help?

Contact the UW/IST Certificate Authority.

Article feedback

If you’d like to share any feedback about this article, please let us know.