> ## Documentation Index
> Fetch the complete documentation index at: https://kb.mochahost.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate CSR

## To Generate a Certificate Signing Request for Apache 2.x

1. Log in to your server's terminal (SSH).

2. At the prompt, type the following command:

`openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr`

![](https://tutorials.my-virtual-panel.com/articles/1ar.png)

Replace yourdomain with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.

3. Enter the requested information:

***Common Name:*** The fully-qualified domain name, or URL, you're securing.

If you are requesting a Wildcard certificate, add an asterisk ( *) to the left of the common name where you want the wildcard, for example*.coolexample.com.

***Organization:*** The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor's name.

***Organization Unit:*** If applicable, enter the DBA (doing business as) name.

***City or Locality:*** Name of the city where your organization is registered/located. Do not abbreviate.

***State or Province:*** Name of the state or province where your organization is located. Do not abbreviate.

***Country:*** The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.

![](https://tutorials.my-virtual-panel.com/articles/2ar.png)

If you do not want to enter a password for this SSL, you can leave the Passphrase field blank. However, please understand there might be additional risks.

4. Open the **CSR** in a text editor (**nano;pico;vi**) and copy all of the text.

![](https://tutorials.my-virtual-panel.com/articles/3ar.png)

### Apache SSL Installation Instructions

1. Save the primary and intermediate certificates to **/etc/ssl/certs/** on the server with the private key.

2. Open the Apache configuration file in a text editor. 

Apache configuration files are usually found in **/etc/httpd/**. The main configuration file is usually named **httpd.conf**. In most cases the  blocks will be at the bottom of this httpd.conf file. Sometimes you will find the  blocks in a separate file in a directory like **/etc/httpd/vhosts.d/** or /**etc/httpd/sites/** or in a file called **ssl.conf.**

![](https://tutorials.my-virtual-panel.com/articles/11ar.png)

3. If you need your site to be accessible through both secure **(https)** and non-secure **(http)** connections, you will need a virtual host for each type of connection. Make a copy of the existing non-secure virtual host and change the port from port **80 to 443**.

4. Add the lines in below:

```
 DocumentRoot /var/www/website ServerName www.domain.com SSLEngine on SSLCertificateFile /etc/ssl/crt/primary.crt SSLCertificateKeyFile /etc/ssl/crt/private.key SSLCertificateChainFile /etc/ssl/crt/intermediate.crt 
```

![](https://tutorials.my-virtual-panel.com/articles/22ar.png)

5. Change the names of the files and paths to match your certificate files:

**SSLCertificateFile** should be your primary certificate file for your domain name.

**SSLCertificateKeyFile** should be the key file generated when you created the CSR.

**SSLCertificateChainFile** should be the intermediate certificate file (if any) that was supplied by your certificate authority.

6. Save the changes and exit the text editor (**nano;pico;vi**).

7. **Restart your Apache web server** using one of the following commands:

#### CENTOS:

```
service httpd restart
```

```
/etc/init.d/httpd restart
```

#### UBUNTO:

```
/etc/init.d/apache2 restart
```

```
service apache2 restart
```

![](https://tutorials.my-virtual-panel.com/articles/33ar.png)
