How to generate a CSR on a Linux server

This article will discuss how to create a CSR (Certificate Signing Request) for an SSL in Linux. This is necessary if you are submitting a request for an SSL with another provider.

• SSH into the Linux server. If you are unsure of how to SSH, please see how to SSH on Windows | Mac .
• At the command prompt, type the following and hit Return. Change the bit length (2048) to the appropriate bit length for the SSL issuer. Typically 2048 is sufficient.

openssl req -nodes -newkey rsa:2048 -keyout domain.key -out domain.csr




Updated on 18 September 2014 - use sha2 algorithm as there has been a major security breach for sha1




openssl req -new -newkey rsa:2048 -nodes -sha256 -out domain.csr -keyout domain.key


To check CSR details:

openssl req -noout -text -in domain.csr




Fill out the requested information below. For the State, use the full name not an abbreviation. The Organization Name should be a publicly verifiable name (such as is listed on bank statements, bills, taxes, etc). The common name is the domain for which the SSL is being issued. For example, if you’re ordering an SSL for domain.com, then the name would be domain.com. If you’re ordering an SSL for www.domain.com, then the name would be www.domain.com.

You may chose to leave the email address and challenge password blank by simply hitting return when prompted.

Generating a 2048 bit RSA private key
………..+++
………………………..+++
writing new private key to ‘domain.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:Newark
Locality Name (eg, city) [Newbury]:Delaware
Organization Name (eg, company) [My Company Ltd]:My Company Name
Organizational Unit Name (eg, section) []:Security
Common Name (eg, your name or your server’s hostname) []:www.domain.com
Email Address []:
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

• Once the form is filled out, two files will be created in the directory in which the command was run. The filedomain.csr has the CSR for the SSL which will need to provide to the SSL issuer. It will look similar to the following:

—–BEGIN CERTIFICATE REQUEST—–
MIICvDCCAaQCAQAwdzELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk5ld2FyazERMA8G
A1UEBxMIRGVsYXdhcmUxGDAWBgNVBAoTD015IENvbXBhbnkgTmFtZTERMA8GA1UE
CxMIU2VjdXJpdHkxFzAVBgNVBAMTDnd3dy5kb21haW4uY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tL9PpRMD4JeB4jZkIXGT5k4AGpGf/FTSNfn
ENuADQFCco0E+w+HqcAYtDBHzTSuU76B6TYWURRnNLHmwX+f7GytD4tBhmDia3OQ
ffKNAZqI5uusU+Tt5qpW2qjLBeX6/jD/u5Fh75s3XIKJ5XdW5yiztOk/4LAqffx9
rR4bZac4k9nBBci6gCIK615vj+1H2wAe9t5bem/EW6bxEH1nMjenI/5siVsdtRMO
qk+6l7EqkJeGslsXcu9xsqKakAfia266xQvU24P6YCWvFvLUDr5SAvAfbO+zIGWZ
/3boR75C1NyiSopJDnXlwZ0HXNRWHBUys7ED4lEIeaQpMtTXgQIDAQABoAAwDQYJ
KoZIhvcNAQEFBQADggEBAEY/wFSLWOt1S2bTt72l68K5pt0oaBaY0HX6DgPYUeP2
OR5JX5G7Cb4eVGDBWuDtVxxN2YrzzgD6ASj9pL0mzkYuFaRy3uUo0ZedzdPXgVX2
r+5OdjrewPpIgL2i91EB/JytAdgr5fVKQpaZntFu7DJHBVpcGrEN0Kan/OGg2ZU0
08yhyoejXtY1i8YUwPpoqD126N0xczYclMg/BaSME5R3Vbcr3i5Ruz0ByjoQtKSt
1Z8CWIiZNH1WhB2fy8Z2ARCsM1g2Xh43TqjRDhIIFU/dbDqmFHhvivxv2bzB9cbi
ureFe4oU8af7K9w4EbSzKgcqBOwNwnQy7DpcmIHXB4s=
—–END CERTIFICATE REQUEST—–

• The file domain.key has the key for the SSL which will you will need once the SSL is issued. The certificate, once issued, must match the key in order for the SSL to be installed. It will look similar to the following:

—–BEGIN RSA PRIVATE KEY—–
MIIEpQIBAAKCAQEA6tL9PpRMD4JeB4jZkIXGT5k4AGpGf/FTSNfnENuADQFCco0E
+w+HqcAYtDBHzTSuU76B6TYWURRnNLHmwX+f7GytD4tBhmDia3OQffKNAZqI5uus
U+Tt5qpW2qjLBeX6/jD/u5Fh75s3XIKJ5XdW5yiztOk/4LAqffx9rR4bZac4k9nB
Bci6gCIK615vj+1H2wAe9t5bem/EW6bxEH1nMjenI/5siVsdtRMOqk+6l7EqkJeG
slsXcu9xsqKakAfia266xQvU24P6YCWvFvLUDr5SAvAfbO+zIGWZ/3boR75C1Nyi
SopJDnXlwZ0HXNRWHBUys7ED4lEIeaQpMtTXgQIDAQABAoIBABTrAqAmebgP9uxY
5niXUhkZHwH6dZlEGBUvFmhMBVYjPJYTtdPfiEg40nqKqnq/LKBNIilyJf7HAIKT
LmkiQ06+R5RQ5V9hFgpYWxC9II56A6P+bnVyuTaJCf+kdaFq4Tbvinhc9QpxGzdk
cYA9Z0JkP83n0UbkqoRaj59yRSKC3TosSWCQ8TVTxWU8U36mTpCUIFvcgbQGIKph
irj8briWCM9xiErSESYP77WQxERvoW6brKD9jZ/BNmTMuQ+akOa8BxqP6LOx/bob
jqrmxsDkcmjzMXS8SCG3FkJk2K1Tam8aCqQHMBjbUFJByjIDnT237sue7qFmyQFJ
T2izt6ECgYEA95LBuszZS+cM3I/7mxRIPWoKb4ao881xNlYUvwboDMRAIFAlRNfV
c7Qjlt5TeVwlIvrYdL0L0d92FrXbh7lGcK2yOKFW4OrrlKySqXSto7c2LWy2DJkm
Hs9NO6ZDB/6X78UU4tVvFS5m/AA9J27Pk8lq/p4OuTki4yH3b3mLqJ0CgYEA8tEk
f2NeYk7YMm9Oc4fBlAF2CfJRwGf7GqwbT9Us04AWgv3XlohJaibGWJjVrHBCirAY
jxQsKhF2zjnxs9gWZ5k2PqvczTF2vs025tSimxbBcUOhMUNEaSr6ugTfjFkbdcTG
Wx/HyxH8cbYOYWKrbJSQknh8N+DO+N/y2yMt+zUCgYEAunZ+EwNWZiSPO0/2YMbV
4euMEJOLjJSfQB11YqsA+xyUb8HtT/x/d7WlWGv60tzj24Syorn/vQJhHpm5zm9s
7lDkemKJ3L0S0ddoXtjSLww+cdf/BV4TqADaWqLOuaa3KI93O6ElGP7p8cL8TEbZ
cKWzQDIrRLYT4J4kjoEs/sECgYEA6Qv575m7mLb7oUxbC18cV6UfWWSNOhGSW4Mb
o3+CSmwBLy/ansunSo50h8wIKDyGYP2qVIiT6rxgPoY2iNm4hy3xdi0U+oui4HWt
X9ZtSlSIzOCP8OwS2K07fxX2SImtZVa62fKimzBkDe8h1i4RQWFFcI7bCfZmL08h
k1ksZJECgYEAmQ73FoPsGv/uynBXVJWk3j7yDLNNHzbL9bIs5dQ9157RhInWRsNX
TvUdnukuB4hkaxvINz9mXn/2kJtsi/D5oWfrPKA1Gyzze9Rmr260p4ciy3q9YvBc
Issaav6wkaLRG9EtTU27ptda5ovYMLYE5OcrtDTtvaxFVaTRhzO9GWw=
—-END RSA PRIVATE KEY—-

 

''another skype instance may exist''

You want to login to skype but you cant because you receive the following error:
"'another skype instance may exist'"
This seems to be a common problem with skype and ubuntu.

Solution:

1] Open the terminal
2] cd into the folder /home/users/username/.Skype by typing the command
#cd /home/users/username/.Skype
#ls

You may see 3 files : shared.lck, shared.xml and skype_account

3] Move the folder skype_account to skype_account1
#mv skype_account skype_account1

4] Revert it back
#cp -arv  skype_account1 skype_account

Restart the skype and login!!!!

Does this work?
Leave me a comment.