How to generate COMODO SSL certificates

How to generate COMODO SSL certificates

To make a SSL certificate, we need to generate CSR code first. After that there is a few steps to follow.

CSR Generation

Generating a Certificate Signing Request (CSR) using OpenSSL (Apache & mod_ssl, NGINX)

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr

You will now be asked to enter details to be entered into your CSR.

Country Name (2 letter code) [AU]: GB
State or Province Name (full name) [Some-State]: Yorks
Locality Name (eg, city) []: York
Organization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany Ltd
Organizational Unit Name (eg, section) []: IT
Common Name (eg, YOUR name) []:
Email Address []:

Use the name of the web-server as Common Name (CN). If the domain name (Common Name) is append the domain to the hostname (use the fully qualified domain name).

Certificate Installation


  1. The extracted contents will typically be named: yourDomainName.crt and
  2. Move the Private Key that was generated earlier to the ssl.key directory, which is typically found in/etc/ssl/. This must be a directory which only Apache can access.
  3. Move the yourDomainName.crt and to the ssl.crt directory, which is typically found in the /etc/ssl/ directory.
  4. Edit Apache SSL configuration
    SSLEngine on
    SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
    SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
    SSLCertificateChainFile /etc/ssl/ssl.crt/
    blog tag: