How to generate a wildcard cert CSR with a config file for OpenSSL

pascal.brokmeier
Jun 7, 2017 · 1 min read

The code snippet

$ mkdir domain.com.ssl && cd domain.com.ssl
$ openssl genrsa -out ./domain.com.key 2048
$ openssl req -config csr.conf -new -key ./domain.com.key -out ./domain.com.csr -verbose

First though, the csr.conf file looks like this

[ req ]
default_bits = 4096
default_md = sha512
default_keyfile = domain.com.key
prompt = no
encrypt_key = no
distinguished_name = req_distinguished_name
# distinguished_name
[ req_distinguished_name ]
countryName = "DE" # C=
localityName = "Berlin" # L=
organizationName = "My Company" # O=
organizationalUnitName = "Departement" # OU=
commonName = "*.domain.com" # CN=
emailAddress = "me@domain.com" # CN/emailAddress=

Guides that help:

curiouscaloo

Anything about technology and where our society and technology is heading towards

pascal.brokmeier

Written by

Software Developer, Tech enthusiast, student, board sports and food lover

curiouscaloo

Anything about technology and where our society and technology is heading towards

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade