Start FileCloud FREE Trial
Log in

Manually Create a CSR in Windows

When using SSL on Windows, you must create a Certificate Signing Request (CSR) to receive an SSL certificate.

  • A CSR is a data file that contains the Public Key and your domain details.
  • Submit the CSR to your SSL provider.  
  • Your provider verifies the CSR and issues an SSL certificate in a .crt file.  

  Use the FileCloud control panel to create a CSR. If you encounter issues, you can create the request manually.

Create a CSR using the FileCloud Control Panel


To manually create an SSL certificate, use the openssl tool included with FileCloud Server.

To manually create a CSR:

  1. On the FileCloud server, navigate to the following directory:
    c:\xampp\apache\bin
  2. To open the tool, double-click OpenSSL.

  3. To create a Private Server Key, type the following code: (If your SSL provider does not accept key lengths of 2048, a higher length of 4096 can  be used in the follwing command.)
    C:\xampp\apache\bin>openssl genrsa -des3 -out server.key 2048 -config "C:\xampp\apache\conf\openssl.cnf"

    Note

    If you encounter any errors related to:

    unable to open configuration file

    Then run the following in the command prompt to set the path.

    set OPENSSL_CONF=c:\xampp\apache\conf\openssl.cnf
  4.  To create a Certificate Request (CSR), type the following command:
    C:\xampp\apache\bin>openssl req -new -key server.key -out server.csr -config "C:\xampp\apache\conf\openssl.cnf"
  5. You will be prompted to enter the following information:
    InformationExampleNotes
    Country NameUS2letter code
    State or Province NameTEXAS
    full name - no abbreviations
    Locality NameHouston
    full city name
    Organization NameInternet Widgits Pty Ltd
    company name
    Organizational Unit NameAccounts Payable
    section name
    Common Namefilecloud.IWPL.com
    server FQDN or YOUR name

    Be sure to enter the actual server's fully qualified name

    filecloud.yourdomain.com

    If it is a wildcard certificate for all sub domains (for example for using multi tenancy), then be sure to enter *.yourdomain.com

    *.yourdomain.com
    Email Addressmoneyman@iwpl.com
    A challenge password
    		Use the same passphrase you typed in when opening the tool.
  6. Apache won't start up properly if the key is secured with passphrase, so to remove it, type the following command:
    copy server.key server.key.secure
openssl rsa -in server.key.secure -out server.key
  7. You can now submit the CSR to your SSL provider.
    The provider will sign and give you an SSL certificate usually called as server.crt.