In order to create a CSR in Linux Apache Web Server follow the instructions below:
Step 1	Create a private key.
	Type the following command in Command Prompt: openssl genrsa ­des3 ­out (e.g. openssl genrsa ­des3 ­out server.key2048 ). When prompted type a safe password which you will remember as it will protect your private key.
	Notes “OpenSSL” is used in order to produce the key and the CSR, which is usually located in /usr/local/ssl/bin. If installed elsewhere, the following instructions below should be adjusted. For every certificate SSL and CSR key must be 2048 bit. If you don't wish to protect the key with a password, skip command ­des3
Step 2	Create CSR.
	Type the following command in Command Prompt: openssl req ­ new ­key <key­file> ­out (e.g. openssl req ­new ­key server.key­out server.csr). This command will display certificate's properties. Fill in with Latin characters. Country Name : Type the first two letters of your country e.g. US (for USA) State or Province : Type the area, e.g. Brooklyn Locality or City : Here type city's name without symbols or abbreviations e.g. New York Company : Here type company's name, without symbols. Organizational Unit : This field is optional, but it can be used for corporations / organizations. If you do not wish to fill, simply press enter. Common Name : It's the name for which you wish to publish the certificate. For example "www.domain.com" or "domain.com". Public / private key has been created and private key has been saved locally on server in the file server.key. Open this file and copy the CSR it includes.
	Notes It is important to give the right Common Name, because the certificate will be issued and working based on that. If e.g. the certificate is issued for “domain.com”, the browser will start showing warning messages for unsafe operation if you try to open the page http://www.domain.com (with “www”). When Creating CSR you must not give email address, password or any company name. Keep a safe backup of your key because if you lose it, your certificate can not be used and there is no way to be rebounded. The CSR (e.g. server.csr) will be used for the purchase of SSL.