Generate CSR (Certificate Signing Request) on macOS

This section provides a tutorial example on how to create a CSR (Certificate Signing Request) with auto-generated private/public key pair on macOS using Keychain Access.

With my own root CA certificate created, now I am in business to issue new certificates for others that are signed by my root CA.

Normally, if John from the Internet wants me to issue a certificate for him, he has to generate a CSR (Certificate Signing Request) by himself and sent it to me for signing.

But if he has no tools to generate a CSR, I can generate one on his behalf.

1. Click "Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority" menu. The Certificate Assistant dialog box shows up.

2. Enter the following and click "Continue".

User Email Address: joe.doe@gmail.com
Common Name: Joe Doe
CA Email Address: herong_yang@yahoo.com
Request is: [x] Saved to disk
            [ ] Let me specify key pair information

3. Enter the following and click "Continue".

User Email Address: joe.doe@gmail.com
Common Name: Joe Doe
CA Email Address: herong_yang@yahoo.com
Request is: [x] Saved to disk
            [ ] Let me specify key pair information

4. Specify "joe.csr" as the CSR file name in "~/temp" folder and click "Save".

Now I can send a copy of "joe.csr" to Joe for him to keep.

Generate CSR (Certificate Signing Request) in Keychain Access
Generate CSR (Certificate Signing Request) in Keychain Access

Table of Contents

 About This Book

 Macintosh OS (Operating System) History

 macOS Operating System

 macOS File Systems

 macOS Network Connections

 System and Application Processes

 Keychain Access - Password Manager

Keychain Access - Certificate Manager

 Using Keychain Access as Certificate Manager

 Listing of Trusted Root CA in macOS

 Exporting Root Certificate to File from macOS

 Delete/Untrust Certificates from macOS

 Import Server Certificates to macOS

 Create My Own Root CA on macOS

 Review My Root CA Certificate on macOS

 Review Private Key of My CA Certificate on macOS

Generate CSR (Certificate Signing Request) on macOS

 Issue New Certificate with My CA on macOS

 Verify Certificate Signed by My CA on macOS

 Manage Keychains with Commands

 Keychain File Locations on macOS

 CA Certificates at "/etc/ssl | /private/etc/ssl"

 Productivity Tools on macOS

 Programming Tools on macOS

 Apache Web Server on macOS

 Develop and Run Java Applications

 Full Version in PDF/EPUB