Generating TLS Keys and Signing Requests

Generate TLS private keys on a trustworthy machine with a good entropy source, preferably the host that will terminate TLS, so the private key never has to be copied anywhere. Restrict the key file to its owner (chmod 600) and keep it out of version control and backups that other people can read.

RSA Keys

SSL Labs recommends a key size of 2048 bits for most use cases and discourages keys larger than 3072 bits: the extra bits make handshakes noticeably slower without a corresponding gain in practical security. Use one of the following commands to generate an RSA key with openssl (genpkey is the modern replacement for genrsa; both examples write to the same file, so pick one):

# 2048 bit RSA
$ openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out example-rsa.key.pem

# 3072 bit RSA
$ openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:3072 -out example-rsa.key.pem

ECDSA Keys

All mainstream browsers and TLS stacks support the secp256r1 (P-256) and secp384r1 (P-384) curves; P-256 is the usual choice, since it gives smaller keys and faster handshakes than RSA at comparable strength. genpkey encodes the key with a named curve by default (ec_param_enc:named_curve), which is what certificate authorities and clients expect. Use one of the following commands to generate an EC key with openssl:

# P-256 EC key
$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out example-ec.key.pem

# P-384 EC key
$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-384 -out example-ec.key.pem

Certificate Signing Request

The openssl req utility can be used to generate certificate signing requests suitable for certhub. Note that Let’s Encrypt ignores anything in the CSR except the CN, the subjectAltName extension and, if present, the OCSP must-staple TLS feature extension (RFC 7633); the basicConstraints and keyUsage lines below are therefore harmless but irrelevant for it. Adapt the following example to generate a CSR from the command line without having to craft an openssl.cnf file. The -addext option requires OpenSSL 1.1.1 or newer; with older releases the extensions have to go into a config file.

$ openssl req -new -subj "/CN=example.com" \
      -addext "subjectAltName = DNS:example.com,DNS:www.example.com" \
      -addext "basicConstraints = CA:FALSE" \
      -addext "keyUsage = nonRepudiation, digitalSignature, keyEncipherment" \
      -addext "tlsfeature = status_request" \
      -key example-ec.key.pem -out example-ec.csr.pem

Remove the tlsfeature line unless your TLS server is configured for OCSP stapling: a certificate carrying the must-staple extension is rejected by clients that enforce it whenever the server fails to staple a valid OCSP response. Do not append a comment after a trailing backslash; it turns the backslash into an escaped space and breaks the line continuation. For an EC key, keyEncipherment does not apply (it describes RSA key transport); digitalSignature alone is the appropriate keyUsage.

To inspect any CSR, use the -text and -noout flags (add -verify to also check the CSR's self-signature):

$ openssl req -text -noout -in example-ec.csr.pem
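The steps above collected into one POSIX shell script, as an added example that is not part of the original page or of certhub. It generates a P-256 key, builds the CSR with -addext, and then runs two checks the commands above do not show: that the CSR's self-signature verifies and that the public key in the CSR is the one derived from the key file you intend to use (a CSR built from a stale key on disk is a common cause of a certificate that the server cannot load). It assumes OpenSSL 1.1.1 or newer; the host names and file names are placeholders, and the keyUsage is digitalSignature only, since the key is EC.

```shell
#!/bin/sh
# Added example, not from the original page: generate an EC key, produce a
# CSR with -addext, and run the checks worth doing before submitting it.
# Assumes OpenSSL 1.1.1 or newer (required for -addext). Host names and
# file names are placeholders for this example.
set -eu
umask 077   # private keys must not be group- or world-readable

# make_csr KEY CSR CN "DNS:a,DNS:b" [staple]
# Generate a P-256 key into KEY and a CSR into CSR. Any non-empty 5th
# argument adds the OCSP must-staple TLS feature; only do that when the
# server is actually configured for stapling. keyUsage is digitalSignature
# only: keyEncipherment describes RSA key transport and does not apply to EC.
make_csr() {
    key=$1; csr=$2; cn=$3; sans=$4; staple=${5:-}
    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out "$key"
    set -- -new -subj "/CN=$cn" \
        -addext "subjectAltName = $sans" \
        -addext "basicConstraints = CA:FALSE" \
        -addext "keyUsage = digitalSignature"
    [ -z "$staple" ] || set -- "$@" -addext "tlsfeature = status_request"
    openssl req "$@" -key "$key" -out "$csr"
}

# csr_check KEY CSR: succeed only if the CSR's self-signature verifies and
# its public key is the one derived from KEY.
csr_check() {
    openssl req -verify -noout -in "$2" >/dev/null 2>&1 || return 1
    from_key=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    from_csr=$(openssl req -in "$2" -pubkey -noout 2>/dev/null) || return 1
    [ -n "$from_key" ] && [ "$from_key" = "$from_csr" ]
}

# csr_sans CSR: print the requested SAN list as openssl renders it,
# e.g. "DNS:example.com, DNS:www.example.com"
csr_sans() {
    openssl req -in "$1" -text -noout |
        awk '/Subject Alternative Name/ { getline; sub(/^ +/, ""); print }'
}

# csr_has_must_staple CSR: succeed if the status_request TLS feature is requested
csr_has_must_staple() {
    openssl req -in "$1" -text -noout | grep -q 'status_request'
}

# demo HOST [HOST...]: key and CSR for the given names (first one is the CN)
# in a fresh temporary directory, followed by the consistency checks.
demo() {
    dir=$(mktemp -d)
    cn=$1; sans=""
    for h in "$@"; do sans="${sans}${sans:+,}DNS:$h"; done
    make_csr "$dir/$cn.key.pem" "$dir/$cn.csr.pem" "$cn" "$sans"
    csr_check "$dir/$cn.key.pem" "$dir/$cn.csr.pem" ||
        { echo "CSR in $dir does not match its key" >&2; return 1; }
    echo "CSR written to $dir/$cn.csr.pem with SANs: $(csr_sans "$dir/$cn.csr.pem")"
}

# Run the demo only when host names are given on the command line.
[ $# -eq 0 ] || demo "$@"
```

Usage: sh csr-example.sh example.com www.example.com (file name is a placeholder). The script never adds the must-staple feature unless make_csr is called with the fifth argument, so the default output is safe to submit for a server that does not staple.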