How to Generate a CSR for a Wildcard SSL Certificate?
Instructions to Create CSR for Wildcard Certificates
Wildcard SSL/TLS Certificates allow securing one base-domain with unlimited subdomains. For instance, using a wildcard SSL, you can secure examplebasedomain.com and unlimited-subdomain.examplebasedomain.com.
However, before a wildcard certificate is issued to you, like any other SSL certificate, you must generate a CSR. And, for that, you have to ensure that the format of the domain is correct. For example, to generate a CSR to secure the base domain and all its sub-domains, you need to enter the domain with * (asterisk).
So, if you place an asterisk in front of the base domain at the time of filling the CSR for a wildcard certificate, you’ll be able to secure an unlimited number of sub-domains. Moreover, you’ll also be allowed to add other sub-domains during the certificate’s lifecycle.
Wildcard CSR Generation
While generating a CSR, you will be asked certain details and you have to provide all of those. Details requested are:
- Common Name Wildcard: Your complete domain name
- Organization Name: Company’s legal name
- Organization Unit: Specific department of the company to which you belong
- Location of the company, which includes the state/province and country
- Root length: Generally, it’s 2048-bit
- Signature Algorithm: SHA-2
Steps to Generate a CSR for a Wildcard Certificate
To generate CSR for a wildcard certificate, you can use one of the commonly used platforms, OpenSSL. Below are the steps involved.
- In webserver, go to the terminal client.
- Type: openssl req –new –newkey rsa:2048 –nodes –keyout server.key –out server.csr
- Enter the name of the domain along with the asterisk, as explained above.
- Enter all the required details of your company
Once you enter all the information, CSR for your wildcard will be generated. Make sure to keep your Private Key secure in the same machine in which you generated the CSR.
Note: If you can’t find the sever on the list, you may have to browse and search for it in your control panel or you have to contact your web host support. Generating a CSR for a wildcard certificate is similar to a standard CSR where the only difference between the two is that an asterisk must be added before the domain name while generating a CSR for a wildcard certificate.