How to generate a certificate signing request
Below are brief descriptions of what may be requested during this process. Anything that is in bold must be filled in exactly as given right down to the capitals.
Note that the information you include in the certificate request must be exact and correct. Some data names are misleading. If you are not 100% sure of how to fill in a blank during this process please ask us as it will save a lot of time later. Note that the key must be kept safe as if it gets into public hands then all encryption efforts are lost and your system can be spoofed by others.
To check your certificate request before submitting see https://comodosslstore.com/ssltools/csr-decoder.php
Field Name Description of what to enter:
Bit Length: This is the bit length of the key. This must at least 2048.
Organization: The University of Western Ontario
Organizational Unit: Your Department or Faculty name. Please use its full name and not a short form or acronym.
Common Name: FQDN of your web server. This should be what appears in the URL when you access the secure area of your server. (ie. www.dept.uwo.ca)
Country/Region: CA
State/Province: Ontario
City/Locality: London
Documentation from Sectigo knowledgebase:
CSR Generation for NGINX OpenSSL
CSR Generation for Apache OpenSSL
CSR Generation for Microsoft IIS 5 & 6
CSR Generation for Microsoft IIS 8
Tomcat CSR Generation
Nginx (OpenSSL)
OpenSSL (Apache w/mod_ssl, NGINX, OS X)
Published on and maintained in Cascade.