How to create sha256 csr on windows?
There is two ways to create sha256(SHA-2) csr in windows.
I strongly advice to use OpenSSL. Because it’s easy and really good to manage this certificate life cycle. For example; If you need to create a SHA-2 CSR you just need to download OpenSSL binaries and then run this command sets.
#openssl req -out Casesup.csr -new -newkey rsa:2048 -nodes -keyout Casesup.key -sha256
2 - Use Microsoft management console (mmc)
I will beriefly describe how to generate SHA-2 csr on Windows server with MMC. It’s really hard to add screenshot but let’s keep it clear.
Step 1: Open Microsoft Management Console
Type MMC to the run and click OK.
Step 2: Click Add/Remove Snap-in…
Step 3: Add Certificate snap to the Control Panel
Step 4: Create Custom Request from Advanced Operations
Right click on blank page then All Tasks>Advanced Operations > Create Custom Request
Step 5: Proceed Enrollment
Step 6: Click detail box then properties
Step 7: Define your CSR information like OU,Organization, DNS, Email etc.
Step 8: If you need to define certificate’s extensions then check these boxes.
I’ll pass these steps because I don’t need to define any extensions.
Step 9: Define key size and hash algorithm
Last and most important step will be define private key options on this page. You need to define key size 2048 and hash algorithm to SHA-2.
Step 10: Save the CSR file and click Finish