Skip to main content

How to generate an SSL Certificate that does not contain an subject alternative name (SAN) and install it under a domain.

Charles Webb
  • Updated

Introduction

There are some SSL providers out there that do not accept SSL CSR Certificates that contain a subject alternative name commonly used with one certificate covers multiple aspects of a domain (www.domain.com, mail.domain.com, *.domain.com, etc)

 

Below is a method on how to generate a certificate manually and install it for your domain.

 

Please note, that this will only cover one domain, if you want coverage for more than just domain.com for example, you will want to read the following articles.

 

Why does my CSR generated via cPanel or WHM contain a SAN?

How to generate a CSR for your domain

 

Procedure

Run the following command

 

openssl req -out certificate.csr -newkey rsa:2048 -nodes -keyout certificate.key

 

Replacing certificate with whatever name you choose (perhaps the domain name?)

 

You will fill out the fields that are presented (if a field should be blank, insert the period then press "enter")

 

Generating a 2048 bit RSA private key
.....................................................................................................................................................................+++
..........................................................................................................................................+++
writing new private key to 'certificate.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:TX
Locality Name (eg, city) [Default City]:Houston
Organization Name (eg, company) [Default Company Ltd]:cPanel
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:domain.com
Email Address []:email@address.com

Once complete, the csr and key will be available to provide to your SSL provider.

 

To install the SSL Certificates in your domain, please review the following article

 

How to install an SSL certificate on a domain in WHM

Related articles

Comments

0 comments

Article is closed for comments.