Nginx CSR Creation using OpenSSL

If you already have your SSL Certificate and just need to install it, see Nginx SSL Certificate Installation. To find out more about DigiCert SSL certificates for Nginx, see Nginx Server SSL Certificates from DigiCert.

Recommended: Our OpenSSL CSR Wizard will help you generate an OpenSSL command to create your Nginx SSL CSR. Just fill in the form details, click Generate, then paste your customized OpenSSL command in to your terminal.

Preview of OpenSSL CSR Wizard

How to generate a CSR for Nginx using OpenSSL

If you prefer, you can make your own shell commands to generate your Nginx CSR. Just follow the instructions below.

  1. Run Command

    Log in to your server via your terminal client (ssh) and at the prompt, type:

    openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

    Where server is the name of your server.

    openssl CSR generation command

  2. Generate Files

    1. Running the command above begins the process of generating two files:
      1. Private-Key file: Used to generate the CSR and later to secure and connections using the certificate.
      2. Certificate Signing Request (CSR) file: Used to order your SSL certificate and later to encrypt messages that only its corresponding private key can decrypt.
    2. When prompted for the Common Name (domain name), type the fully qualified domain name (FQDN) for the site you are securing. If you are generating an Nginx CSR for a Wildcard SSL Certificate make sure your common name starts with an asterisk (e.g., *.example.com).
    3. Next, you'll be prompted for your organizational information, beginning with geographic information. There may be default information already set.
    4. Finally, your .csr file will be created.
  3. Order Your SSL Certificate

    Open the CSR file with a text editor and copy and paste it (including the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags) into the DigiCert Certificate order form.

  4. Save Private Key

    Save (backup) the generated .key file as it will be required later when installing your SSL certificate in Nginx.

  5. Install Certificate

    After you receive your SSL certificate, you need to install it on your server. See Nginx SSL Certificate Installation.