Once the command has executed successfully, we can see domain.key, domain.csr, and domain.crt generated, where domain.key is a 2,048-bit RSA private key that is used to sign the SSL certificate, and domain.crt and domain.csr are certificate-signing requests that consist of the public key of a key pair with some additional information, which is inserted into the certificate when it is signed.
Let's understand the command we executed to generate a certificate-signing request:
- The -newkey rsa:2048 option creates a new certificate request and a new private key that should be 2,048-bit, generated using the RSA algorithm.
- The -nodes option specifies that the private key created will not be encrypted with a passphrase.
- The -keyout ...