What is a Certificate Signing Request ?

A CSR or certificate signing request is a cryptographically signed request for an SSL certificate that can be submitted to a Certificate Authority like Thawte, Verisign, Digicert etc. to allow you to provide SSL, usually for HTTPS but it can also be used for things like POP3 and IMAP over SSL.

Creating a CSR for Apache2

cd /etc/apache2/ssl
mkdir example.com
cd example.com
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

Fill out the details when it asks you. For the common name make sure you specify the domain name you want to secure and when it asks for a password just press enter unless you want to be around every time Apache starts.

For wild card certificates the common name should be *.example.com and for non wild card if you do www.example.com Digicert will secure both example.com and www.example.com.