A quick run through of the steps required to generate a certificate at Servertastic

Generate a private key

openssl genrsa -aes256 -out privkey-with-passphrase.key -passout stdin 2048

Generate a certificate request

openssl req -new -key privkey-with-passphrase.key -out cert-request.csr -text

cat the cert request file and copy/paste it’s base64 representation into the Servertastic web interface.

Select radio button for SHA256 FullChain and remove the www Subject Alternate Name if it’s not going to be used.

Strip the passphrase from the private key

openssl rsa -in privkey-with-passphrase.key -out server.key

Catenate server cert and intermediate cert into one file

cat server.cer rapidssl-tls-rsa-ca-g1-int.cer > server-int.cer

Generate a pkcs12 bundle to import to other systems. To import into Windows registry, the file extension should be either .p12 or .pfx.

openssl pkcs12 -export -inkey server.key -in server.cer -name Server-Cert-2023 -out server-2023.p12