Knowledge Base
How to submit a CSR and Export a Certificate in PKCS12 Format on macOS?
How to Generate a CSR in MAC Terminal and Obtain a Certificate in PKCS12 Format on macOS?
Overview:
This guide provides the step-by-step process for creating a Certificate Signing Request (CSR), completing email verification, and exporting your SSL/TLS certificate in PKCS12 format on macOS. This ensures secure communication for websites and applications.
Product: SSL/TLS Certificate
Platform: macOS
Audience:
IT administrators, developers, and security professionals responsible for SSL/TLS certificate management.
Scope:
This procedure covers CSR generation using OpenSSL, certificate setup via the Sectigo portal, email verification, and PKCS12 export.
Prerequisites
Before you begin, ensure you have the following:
-
Access to a macOS device with Terminal.
-
OpenSSL installed (pre-installed on macOS).
-
A valid SSL/TLS certificate order from Sectigo.
-
Contact email address used during certificate purchase.
Follow the below step-by-step process for creating a Certificate Signing Request (CSR) in MAC Terminal, completing email verification, and exporting your SSL/TLS certificate in PKCS12 format on macOS.
Step 1: Generate a CSR Using OpenSSL
To begin, open the Terminal on your macOS device and run the following OpenSSL command to generate a CSR:
openssl req -newkey rsa:2048 -keyout private.key -out request.csr -nodes
CSR Generation using OpenSSL command
> openssl req -newkey rsa:2048 -keyout private.key -out request.csr -nodes
req - CSR operation
-newkey - instructs the openssl to generate a new key pair ( private/public key)
rsa:2048 - key type : rsa, key size : 2048
-keyout - mentions the filename to store the private key
-out - mentions the filename to save the output of the command, here it is CSR.
-nodes - do not encrypt the private key
Note: Please save the 'private.key' securely and donot share it with anyone.
For detailed instruction on how to generate CSR in mac-OS, refer the link below:
https://www.sectigo.com/knowledge-base/detail/How-to-Generate-a-Certificate-Signing-Request-CSR-for-SSL-TLS-certificates-on-macOS
After generating the CSR, follow these steps to complete the certificate setup:
1. Log in to the Sectigo portal: https://store.sectigo.com/
2. Click on 'My Products and Services'.
3. Click on 'Setup' for Order Number: 2402365831.
4. Enter your Contact Email Address (must match the one used during the certificate request).
5. Paste the newly generated CSR and click 'Submit'.
6. Review the details and complete the setup.
Step 2: Email Verification
Once the setup is complete, you will receive a verification email at the address provided during the certificate request.
Click the link in the email and enter the verification code to finalize the verification process.
Step 3: Certificate Collection and PKCS12 Export
After verification, you will receive a collection email at the same address.
To collect the certificate:
- Upload the 'private.key' file.
- Obtain the certificate in PKCS12 format.
Related Articles: How to Generate a Certificate Signing Request (CSR) for SSL/TLS certificates on macOS? | Sectigo® Official
Tags:
Need help?
Need help making a purchase? Contact us today to get your certificate issued right away.
Live chat
Click the button below or click "Chat with an Expert" to start chatting with us now!
