Article ID: 123886, created on Dec 10, 2014, last review on Mar 7, 2016

  • Applies to:
  • Plesk Automation
  • Service provider products licensing

Question

How to generate certificate signing request (CSR) for Plesk / Plesk Automation?

Answer

1) You can generate CSR from Plesk directly:

  • Open the corresponding subscription on the control panel;
  • Go to the Websites & Domains and select the website you want to protect with an SSL certificate;
  • Click Secure Your Sites;
  • Click Add SSL Certificate;
  • Specify the following certificate parameters:

    1. Certificate name. This will help you identify this certificate in the repository;
    2. Encryption level. Choose the encryption level of your SSL certificate. We recommend that you choose a value more than 1024 bit;
    3. Your location and organization name. The values you enter should not exceed the length of 64 symbols;
    4. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. Example: your-domain.com;
    5. The website administrator's email address.
  • Make sure that all the provided information is correct and accurate, as it will be used to generate your private key.
  • Click Request;
  • Plesk will generate your private key and certificate signing request and add them to your certificates repository (Websites & Domains > Secure Your Sites);
  • In the list of certificates, click the name of the certificate you need;
  • Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard;
  • Go to the SSL order and paste CSR from the clipboard into SSL purchase form and click Continue;
  • The certification authority will create an SSL certificate in accordance with the information you supplied.

2) CSR can also be created with an openssl utility:

  • Login to the server via SSH. Issue the following command:

    openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
    

where server is the name of your server.

  • This will begin the process of generating two files: the Private-Key file for the decryption of the SSL Certificate, and a certificate signing request (CSR) file used to apply for the SSL Certificate;

  • When prompted for the Common Name (domain name), enter the fully qualified domain name for the site that is to be secured. If generating an Nginx CSR for a Wildcard SSL Certificate, make sure the common name starts with an asterisk (e.g. *.example.com);

  • After that other information will be requested such as organizational information, beginning with geographic information. There may be default information set already;

  • Then .csr file will be created;

  • Save (back up) the generated .key file as it will be required later when installing the SSL certificate in the webserver.

Search Words

SHA-2

CSR generated through Plesk has incorrect subdomain

SSL certificate

CSR

Plesk

PPA

e0aff7830fa22f92062ee4db78133079 caea8340e2d186a540518d08602aa065 0fb3394a2c69b44bea0b259a86272ad9 dbd9c930a53370cd4abd5c7ff1b5f55c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF