What's new

CSR Certificate Generation

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

AdrianH

Occasional Visitor
Hi All,

Is there a "easy" way to generate a CSR for a SSL certificate that can be used on my Asus-RTAX88U router.

I just want to buy a 5 year Positive SSL from Comodo to use with my domain currently setup at Google Domains (that is currently setup in DDNS), but Comodo and probably all others want a CSR.

I currently use ZeroSSL but they can "Auto-Generate CSR" which is nice.

Any ideas?
 
Yeah, I can give it a go :)

I found this but I don't think this is the same as this is self-signed.

 
What about something like this?


Just be sure to save the files to /jffs or USB so you don’t lose them on a reboot.
 
@dave14305

I managed to generate a CSR with that link you posted. Did take a little tweaking, but will post what I did below.

Firstly, I created a file in the tmp folder on the router named altnames.cnf. This file was then populated with the below which had the details of the certificate I needed. mydomain.com is just an example domain, use your own, along with your own regional/org details.

Code:
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = GB
ST = Essex
L = MyHomeTown
O = Private
OU = Private
CN = home.mydomain.com
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = home.mydomain.com
DNS.2 = mydomain.com

I than ran the following command while in that same folder as above (note the filename at end of the command):

Code:
openssl req -new -newkey rsa:2048 -nodes -keyout home.mydomain.com.key -out home.mydomain.com.csr -config altnames.cnf

This then generated the CSR and private key in the tmp folder. I could then use the home.mydomain.com.csr to generate a certificate at your SSL provider (mine being https://cheapsslsecurity.co.uk) by just copying the text directly out of the CSR file. After validating the domain by adding a cname to my domain, the certificate was available for download.

Upon uploading the SSL certificate, I could upload to the router. You will need to upload the private key file, namely the home.mydomain.com.key file. And then you upload the certificate from the provider, and Bob's your uncle!


1657035888653.png
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top