To generate CSR request and private key via Ubuntu Linux console follow the instructions.

For one domain.

Enter the console and see:

openssl req -nodes -newkey rsa:2048 -keyout -out -subj "/C=UA/ST=Lvovskaya oblast/L=Yavorov/[email protected]"

Fill it with the necessary data: domain name. UA – country abbrevition (use only lowercase letters). Lvovskaya oblast – state/province, Yavorov – locality/city. [email protected] – e-mail for verification, not necessarily.

We get 2 files: and

1. Generate a private key for

openssl genrsa -out 2048

2. Create a OpenSSL config file with the name openssl.cnf:

distinguished_name = req_distinguished_name
req_extensions = v3_req
countryName = Country Name (2 letter code)
countryName_default = UA
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = LV
localityName = Locality Name (eg, city)
localityName_default = Lviv
organizationalUnitName  = Organizational Unit Name (eg, section)
organizationalUnitName_default  = Domain Control Validated
commonName = Company Ltd
commonName_default =
commonName_max  = 64
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
DNS.1 =
DNS.2 = *
DNS.3 =
DNS.4 =

3. Generate CSR request for a certificate:

openssl req -new -out -key -config openssl.cnf

We get 2 files: and

CSR request and private key were successfully created via Ubuntu Linux console.