How do I generate a Certificate Signing Request (CSR) under OpenSSL?

Open the program OpenSSL to generate the request:

openssl req -nodes -new -newkey rsa:2048 -out csr.pem

This generates a private key and a corresponding certificate request. The following output now appears on your screen:

# Generating a 2048 bit RSA private key
# ...............................................++++++
# ............................++++++
# writing new private key to 'privkey.pem'
# -----
# You are about to be asked to enter information that will be incorporated
# into your certificate request.
# What you are about to enter is what is called a Distinguished Name or a DN.
# There are quite a few fields but you can leave some blank
# For some fields there will be a default value,
# If you enter '.', the field will be left blank.
# -----

You will then be asked questions about the registration information.

• Enter the 2-digit country code (DE = Germany)
  

  # Country Name (2 letter code) [AU]: DE

• Enter your federal state, e.g. Berlin.

  # State or Province Name (full name) [Some-State]: Berlin

• Specify your city.

  # Locality Name (eg, city) []: Berlin

• Enter your name or company name.

  # Organization Name (eg, company) [Sample company GmbH]: Example AG

• Specify the responsible department (if any).

  # Organizational Unit Name (eg, section) []: ---

• Specify the exact domain name to be protected by the certificate. Important: The certificate is then only valid for this entry.

  # Common Name (eg, YOUR name) []: example.com

• Enter the e-mail address of the person responsible.

  # Email Address []: hostmaster@example.org

• The following information is optional.

  # Please enter the following 'extra' attributes
  # to be sent with your certificate request
  # A challenge password []:
  # An optional company name []:

Now the files privkey.pem and csr.pem were created, which contain the private key and the certificate request.