Context Navigation

get-certificate

-              v5
+              v6
 Then, you will need to submit your certificate signing request to a certificate authority, such as [http://startssl.com StartSSL], [http://rapidssl.com RapidSSL] or [http://cacert.org cacert]. I've never tried StartSSL, but they will provide certificates for free that they claim work in all major browsers. RapidSSL costs $79 per certificate and can generate a certificate for you that will be accepted by nearly all browsers on the planet. cacert will generate a certificate for free but users will need to import the cacert root certificate or they will get errors. We have a [ticket:1706 raging debate] about which approach is the best to take.
+In these examples domain.csr and domain.key are the file names provided. These filenames are arbitrary and can be anything you want (for example, I would recommend replacing domain with your actual domain, e.g. mayfirst.org.key and mayfirst.org.csr, so it is easier to keep track of the domains for which they are being generated.
 === Generating a key and signing request for the first time ===
 …
 }}}
+== Examining your certificate signing request ==
+If you want to get a human-readable view of what you just created (to check for typos), you can type:
+{{{
+openssl req -in domain.csr -text -verify -noout
+}}}
 == Testing your certificate file ==