Note: The below method may also be used to generate a certificate signing request (CSR) for a web-server. If this is the case, the common name (CN) of the certificate must be the FQDN of the web server. If making a request for iOS development then use the developer's email address for the CN in the CSR.
1.Open Keychain access in the Finder by browsing to Applications and Utilities
2.Select the login keychain in the upper left-hand corner. Note: All work will be done from the login keychain.
3.Select Keychain Access > Certificate Assistant at the top and select the Request a Certificate from a Certificate Authority option.Fill out the form with user information and select the Save to disk option and click continue.
4.Now that the CSR is created, it may be used to generate the code-signing or push certificate.
Note: Although the same CSR may be used to generate both the code-signing (Distribution) and the push certificates.Create an individual request for each certificate.
1.From any Linux box with openssl installed enter the following, as root: opensslreq -out CSR.csr -new -newkey rsa:2048 -nodes -keyoutprivateKey.key For Example: