1. Download and install OpenSSL for windows.
Note: We cannot support you on downloading or installing OpenSSL.
However OpenSSL will usually install in this directory C:\OpenSSL-Win32\bin
2. Run openssl.exe in command prompt.
Run command:
openssl req -new -newkey rsa:2048 -nodes -out yourfilename.csr -keyout yourfilename.key |
Note: yourfilename.csr and yourfilename.key you can edit to be more specific file names that you want to use.
Try our OpenSSL CSR Wizard
3. Fill in the following details:
Field |
Example Value |
Common Name |
youremail@example.com |
Organization Name |
DigiCert, Inc. |
Department |
IT (Any department within your organization) |
City |
Lehi (Legally registered City) |
State / Province |
Utah |
Country |
US (Two-digit country code) |
Email Address |
youremail@example.com |
Challenge Password |
tesT123 (This will be used to create the .pfx file or import the .pfx file.) |
Key Size |
2048, 3072, or 4096 |
4. Open the CSR file in TXT Editor like Notepad or Word pad.
5. Include the test into your order.
6. Download the Primary CS cert and its intermediate. You will need to save a copy of both files in the same directory where you are running the openssl.exe file.
7. Concatenate the files using this command to make a .pfx file.
openssl pkcs12 -export -out Newcscertificate.pfx -inkey yourfilename.key -in newcs.crt -certfile CA.crt |
Note: Newcscertificate.pfx, yourfilename.key, newcs.crt. and CA.crt files names in the command will need to match the actual file names.
Once you get the .pfx file you can use this file with any tool you wish.
To import a .pfx file into the local Personal certificate store, do the following:
Start Windows Explorer and select and hold (or right-click) the .pfx file, then select Open to open the Certificate Import Wizard.
Follow the procedure in the Certificate Import Wizard to import the code-signing certificate into the personal certificate store.
The certificate and private key are now available for to use.
Related Articles