How create a SSL (TLS) request for a server that need a certificate?
Install openssl on your Centos Linux with command:
yum install openssl
Create a folder to work in mkdir /ibm
Go to that folder cd /ibm
Create a text file with a text editor like; nano san.txt
[ req ] default_bits = 2048 distinguished_name = req_distinguished_name req_extensions = req_ext prompt = no [ req_distinguished_name ] countryName = Country Name (2 letter code) stateOrProvinceName = State or Province Name (full name) localityName = Locality Name (eg, city) organizationName = Organization Name (eg, company) commonName = Common Name (e.g. server FQDN or YOUR name) [ req_ext ] subjectAltName = @alt_names [alt_names] DNS.1 = servername DNS.2 = servername.domain.com DNS.3 = dnsalias.domain.com
Save above text in the file after you change to your server-names.
openssl req -out /ibm/request.csr -newkey rsa:2048 -nodes -keyout /ibm/privateKey.pem -config /ibm/san.txt
Above will give a new server private key and a certificate request for a cert.
Check the request with command:
openssl req -text -noout -verify -in request.csr
Check the private key with command:
openssl rsa -in privateKey.pem -check
The private-key should only be stored on the server where it should be used.
The certificate request you copy and paste to your Certificate Authority to generate your certificate.
This option creates a new certificate request and a new private key.