Cryptography Tutorials - Herong's Tutorial Examples - Version 5.36, by Dr. Herong Yang
Generating Certificate Signing Request (CSR)
This section provides a tutorial example on how to generate a CSR (Certificate Signing Request) for your public key with OpenSSL.
In order to send your public key to a CA for signing, you need to put the public key in a file called certificate signing request (CSR). Here is how to use the "req" command to do this:
>openssl req -new -key herong_rsa_des.key -out herong.csr -config openssl.cnf Enter pass phrase for herong_rsa_des.key: You are about to be asked to enter information that will be incorp... into your certificate request. What you are about to enter is what is called a Distinguished Name... There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) []:CN State or Province Name (full name) []:PN Locality Name (eg, city) []:LN Organization Name (eg, company) []:ON Organizational Unit Name (eg, section) []:UN Common Name (eg, YOUR name) []:Herong Yang Email Address []:. Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:myreq An optional company name []: >type herong.csr -----BEGIN CERTIFICATE REQUEST----- MIIBETCBvAIBADBXMQswCQYDVQQGEwJDTjELMAkGA1UECBMCUE4xCzAJBgNVBAcT AkNOMQswCQYDVQQKEwJPTjELMAkGA1UECxMCVU4xFDASBgNVBAMTC0hlcm9uZyBZ YW5nMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKnmGcbuiAGG2XKek5LbVwF7AoT8 HuNXXip7KyWevbrFlSxJWSjfpmeGJo7/Nsw6hFwor28RyAy1wsW5BNYOXdECAwEA AaAAMA0GCSqGSIb3DQEBBAUAA0EALE+d7H514HyQXu2CgwXYDvqZRngFLZFdGxQN 6AtEXXV+eC2c+URNBcmoF3oghJdPqZv7D1nZ7EBf20XSWzioQA== -----END CERTIFICATE REQUEST-----
Note that the certificate is also saved in an encoded format called PEM.
Last update: 2013.
Table of Contents
Introduction to AES (Advanced Encryption Standard)
DES Algorithm - Illustrated with Java Programs
DES Algorithm Java Implementation
DES Algorithm - Java Implementation in JDK JCE
DES Encryption Operation Modes
PHP Implementation of DES - mcrypt
Blowfish - 8-Byte Block Cipher
Secret Key Generation and Management
Cipher - Secret Key Encryption and Decryption
RSA Implementation using java.math.BigInteger Class
Introduction of DSA (Digital Signature Algorithm)
Java Default Implementation of DSA
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Cipher - Public Key Encryption and Decryption
OpenSSL Introduction and Installation
OpenSSL Generating and Managing RSA Keys
►OpenSSL Generating and Signing CSR
Why Certificates Need to Be Signed by CA?
►Generating Certificate Signing Request (CSR)
Viewing Components of Certificate Signing Request
Signing a Certificate Signing Request
OpenSSL Validating Certificate Path
"keytool" and "keystore" from JDK
"OpenSSL" Signing CSR Generated by "keytool"
Migrating Keys from "keystore" to "OpenSSL" Key Files
Certificate X.509 Standard and DER/PEM Formats
Migrating Keys from "OpenSSL" Key Files to "keystore"
Using Certificates in IE (Internet Explorer)