asked on

How to create an SSL CSR with signature algorithms md5withrsa or sha1withrsa on Ubuntu 14 Apache2

I need to enable SSL on a website that is running on an Ubuntu 14.04 (Apache2) LAMP server, so I created a CSR using the following commands:

"openssl req -new -days 365 -nodes -keyout www.mydomain.com.key -out www.mydomain.com.csr"

However, when I go to my registrar, Network Solutions, to validate the CSR I get the following error:

"The CSR provided uses an unsupported signature algorithm. Supported algorithms are: md5withrsa, sha1withrsa, oid 1.2.840.113549.1.1.4, oid 1.2.840.113549.1.1.5"

My problem is that I don't have experience with linux web servers and how the CSR is created in this environment and I have no clue on how to create the CSR that will be compatible with the Network Solutions validation process.

I would greatly appreciate any information, suggestions, advice you can provide to help me resolve this issue. Thank you in advance!

ASKER CERTIFIED SOLUTION

gheist

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Cdm Sysadmin

ASKER

Thanks Gheist! I like the short and direct answer you provided. That is the correct command, as I confirmed this after finally finding the information at the following site:

http://www.networksolutions.com/support/csr-for-apache-with-mod-ssl-openssl/

gheist

Very few CAs sign DSA and ECDSA server keys...

Cdm Sysadmin

ASKER

Note: The article in the link above does not mention that you have to add "-sha1" at the end of the command in order for the CSR to be validated at Network Solutions. Here is the full command that creates a CSR with the supported signature algorithm:

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr –sha1

gheist

Glad you found manual page :)