Introduction
In this how-to we discuss how to generate a CSR for a Public IP address for use with DV and OV certificates.
Procedure
First, Create a request configuration file similar to the following:
[req]
default_bits = 4096
default_md = sha256
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = $YourCountry
ST = $YourState
L = $YourCity
O = $YourCompany
OU = $YourDivision
CN = $YourPublicIP
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
IP.1 = $YourPublicIP
Replacing the $variables above with your appropriate information.
Next, generate the Private key and CSR for the certificate:
openssl req -new -newkey rsa:2048 -nodes -keyout private.key -out csr.csr -config /path/to/req/file/from/above
Once completed you will have a valid Certificate Signing Request in the file csr.csr.