Manually Create a CSR in Windows
When using SSL on Windows, you must create a Certificate Signing Request (CSR) to receive an SSL certificate.
- A CSR is a data file that contains the Public Key and your domain details.
- You will submit the CSR to your SSL provider.
- Your provider will verify and then issue a SSL certificate in a .crt file.
You should use the FileCloud control panel to create a CSR. If you encounter issues, you can create the request manually.
Create a CSR using the FileCloud Control Panel
To manually create an SSL certificate, you can use the openssl tool included with FileCloud Server.
To manually create a CSR:
1. On the FileCloud server, navigate to the following directory:
2. To open the tool, double-click OpenSSL.
3. To create a Private Server Key, type the following code: (If your SSL provider does not accept key lengths of 2048, a higher length of 4096 can be used in the follwing command.)
C:\xampp\apache\bin>openssl genrsa -des3 -out server.key 2048 -config "C:\xampp\apache\conf\openssl.cnf"
4. To create a Certificate Request (CSR), type the following command:
C:\xampp\apache\bin>openssl req -new -key server.key -out server.csr -config "C:\xampp\apache\conf\openssl.cnf"
5. You will be prompted to enter the following information:
|State or Province Name||TEXAS|
full name - no abbreviations
full city name
|Organization Name||Internet Widgits Pty Ltd|
|Organizational Unit Name||Accounts Payable|
server FQDN or YOUR name
Be sure to enter the actual server's fully qualified name
If it is a wildcard certificate for all sub domains (for example for using multi tenancy), then be sure to enter *.yourdomain.com
|A challenge password||Use the same passphrase you typed in when opening the tool.|
6. Apache won't start up properly if the key is secured with passphrase, so to remove it, type the following command:
copy server.key server.key.secure openssl rsa -in server.key.secure -out server.key
7. You can now submit the CSR to your SSL provider.
The provider will sign and give you an SSL certificate usually called as server.crt.