Name.comSupportArticlesHow to generate CSR through terminal using OpenSSL

How to generate CSR through terminal using OpenSSL

Last Updated: April 04, 2024

Secure Socket Layer (SSL) certificates play a crucial role in securing data transmission over the internet. Whether you're setting up a website, an application, or a server, having an SSL certificate ensures encrypted communication between the client and the server, safeguarding sensitive information from unauthorized access. While there are various methods and tools available to generate SSL certificates, using the terminal provides a straightforward and efficient approach. In this guide, we'll walk through the process of generating SSL certificates using the terminal on a Unix-based system.

  1. Open a terminal window and enter the following command:
    openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
     Note: This command creates a private key file named server.key and a CSR named server.csr. You can change these in the command to your domain name, or a preferred file name.

  2. You will be prompted for the following information:

    1. Country Name: type the two-letter country code for your location, and then press Enter.

    2. State or Province Name: type the full name of your State or Province, and then press Enter.

    3. Locality Name: type the town or city name for your location, and then press Enter

    4. Organization Name: type your company or organization name, and then press Enter.

    5. Organizational Unit Name: if needed, type the organizational unit, then press Enter. Alternatively, to leave this field blank, just press Enter.

    6. Common Name: type the domain name that you want to secure with the SSL certificate, and then press Enter. Note: The common name is often simply your domain name, such as Or, if you are going to install an SSL certificate for a subdomain, However, if you are going to install a wildcard certificate, make sure that you use *, where represents your domain name.

    7. Email Address: type the e-mail address that you want to associate with the certificate, and then press Enter.

    8. Challenge password: *optional* press Enter.

  3. OpenSSL generates the private key and CSR files based on the .key and .csr filenames used in the command during step 1. These files will be saved to your device, however, you can view and verify the information contained in the CSR through terminal. To do this, type the following command:
    cat server.csr
    Note: If you changed the .csr file name, you would replace "server" with your chosen name.
  4. You can use the generated CSR to issue your SSL through your account.




Contact our Support Team.

Didn't find what you need? We're here to help.

Chat with an expert

Live agent: 12am - 5pm MST, every day

Live virtual bot: 5pm - 12am MST, every day

Open a support ticket

Please choose your form and submit to our team.

Get your business online and on point

Do it all right here with tools that make every step simple.

Search domains