📘 If you’re unsure about creating certificates or don’t want to manage them, use Aptible’s Managed TLS option!A Certificate Signing Request (CSR) file contains information about an SSL / TLS certificate you’d like a Certification Authority (CA) to issue. If you’d like to use a Custom Certificate with your Endpoints, you will need to generate a CSR: Step 1: You can generate a new CSR using OpenSSL’s
openssl req
command:
$DOMAIN.key
file) and CSR (the $DOMAIN.csr
file) in a secure location, then request a certificate from the CA of your choice.
Step 3: Once your CSR is approved, request an “NGiNX / other” format if the CA asks what certificate format you prefer.
diff3
to compare the moduli from all three files at once:
diff3
will produce no output.
📘 You can reuse a private key and CSR when renewing an SSL / TLS certificate, but from a security perspective, it’s often a better idea to generate a new key and CSR when renewing.