How to generate CSR for SSL that works with Nginx & Apache?

Question

I want to generate the CSR file for requesting SSL (wildcard) certificate. This certificate and private key will be used on multiple machines with both Apache and Nginx.

RapitSSL states the following commands for the different setups:

• Nginx

  $ openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

• Apache Mod SSL

  $ openssl genrsa -des3 -out <private key file name>.key 2048

• Apache-SSL

  $ openssl genrsa -des3 -out www.yourdomain-example.com.key 2048

Is there a way to generate a CSR that works with both Apache and Nginx?

Answer 1

• Apache Mod SSL

  $ openssl genrsa -des3 -out < private key file name>.key 2048

• Apache-SSL

  $ openssl genrsa -des3 -out www.yourdomain-example.com.key 2048

These two are obviously the exact same command, with a different way of writing the example name. They just generate the key pair, you'd need an additional req command to generate a CSR too.

genrsa generates a key pair, and req generates a CSR. However, req can perform both operations at once when using -newkey.

See OpenSSL req example documentation:

Create a private key and then generate a certificate request from it:

openssl genrsa -out key.pem 1024    
openssl req -new -key key.pem -out req.pem

The same but just using req:

openssl req -newkey rsa:1024 -keyout key.pem -out req.pem