Install OpenSSL (Windows)
Follow the following instructions to install and setup OpenSSL on a Windows computer.
- Ensure that the Microsoft Visual C++ 2008 Redistributable Package (x86) is installed on the system on which you want to generate the requests. To download the package, see the Microsoft Download Center.
- Download the Shining Light Productions installer for Win32 OpenSSL v1.1.0e or later at http://www.slproweb.com/products/Win32OpenSSL.html. This is a software developed from the OpenSSL Project.
- Launch the installer (run as administrator) and proceed through the installation
- Destination location: C:\OpenSSL-Win32
- Start Manu Folder: OpenSSL
- Copy OpenSSL DLLs to: The openSSL binaries (/bin) directory
Create a CSR and private key
Follow the below instructions to create a CSR which will be send to the CA Authority to request a certificate.
- Open a command prompt (as admin)
- md c:\certs\ituda
- C:\OpenSSL-Win32\bin\openssl req -new -newkey rsa:2048 -nodes -config c:\OpenSSL-Win32\bin\cnf\openssl.cnf -out C:\certs\ituda\CSR.csr -keyout C:\certs\ituda\privatekey.key
- Answer as below:
- Country Name: BE
- State or Province Name: Brussels
- Locality Name: Brussels
- Organization Name: ITuDA BVBA
- Organizational Unit Name: IT Services
- Common Name: *.ituda.com
- Email Address: firstname.lastname@example.org
- A challenge password: ********
- An optional company name: ITuDA
Request the Certificate
Follow the following instructions to request a certificate from GoDaddy.
- Login to the GoDaddy portal http://www.godaddy.com/#
- Enter the credentials go to Product / SSL & Security
- Request a new wildcard certificate
- When prompted for the CSR, copy paste the contents of the “C:\certs\ituda\CSR.csr” and follow the instructions
- Download the certificate to “C:\certs\ituda\crtkey.crt”
- Download the godaddy root and intermediate certificate bundle to “C:\certs\ituda\godaddy_bundle.crt”
Convert Private Key to RSA Key
Follow the following instructions to convert the private key to an RSA private key
- C:\OpenSSL-Win32\bin\openssl rsa -in C:\certs\ituda\wildcard\privatekey.key -out C:\certs\ituda\rsakey.key
Create a PFX
Follow the following instructions to create a PFX certificate.
- C:\OpenSSL-Win32\bin\openssl pkcs12 export -out “C:\certs\ituda\pfxkey.pfx” -inkey “C:\certs\ituda\rsakey.key” -in “C:\certs\ituda\crtkey.crt” -certfile “C:\certs\ituda\godaddy_bundle.crt”
Convert PFX to PEM
Follow the following instructions to convert the PFX to a PEM certificate.
- C:\OpenSSL-Win32\bin\openssl pkcs12 -in “C:\certs\ituda\pfkkey.pfx” -out “C:\certs\ituda\pemkey.pem” –nodes