Creating a SSL Key & CSR

All done with a single command and then working through the interactive prompts and no password is mandatory, so you can just press the ‘enter’ key at the Key Password prompts..

openssl req -new -newkey rsa:2048 -nodes -keyout SERVERNAME.key -out SERVERNAME.csr

If you want to create a Key and CSR using the “SHA2” or SHA256 encryption, add the “-sha256” parameter to the above openssl command-line.

Viewing a Certificate’s details with info from

CSR Info is viewed via this command line:

openssl req -in FILE.csr -noout -text

Certificate Info is viewed via this command line:

openssl x509 -text -in FILE.crt

If you want to convert a .pfx file to a .key file, use:

openssl pkcs12 -in SERVERNAME.pfx -nocerts -nodes -out SERVERNAME.key

More information and details will be posted to this blog entry over time..

Here’s good openssl CSR generation info for EV based Certs in 2015:


This entry was posted in Network Presence and tagged , , , . Bookmark the permalink.