Generate Certificate Signing Requests (CSRs) for TLS Server Certificates

Commandline Example

Two environment variables are exported:

export FQDN=my.server.domain COMMENT="A Test Request"

Some filenames are derived from the server name:

key=$FQDN.key csr=$FQDN.csr

Now, a private key is generated:

openssl genrsa -out "$key" 4096

Now, the request is generated:

openssl req -new -key "$key" -out "$csr" -config server.conf

Before submitting it, the request can be reviewed:

openssl req -in "$csr" -noout -text

This procedure can be repeated for a list of requests as determined by FQDN and COMMENT.