How can I generate a Certificate Signing Request (CSR)?

Austin Beresford
Published: 8 March 2023
Share:

When ordering an SSL certificate, you can be asked to generate a Certificate Signing Request (CSR).  

This is an encoded block of text that the Certificate Authority request before issuing an SSL/TLS certificate. It contains information about the organisation, domain name and locality. 

Step-by-step guide on CSR generation:  

Step 1: Choose a CSR generator tool 

There are many CSR generator tools available online like: 

https://csrgenerator.com/ 

Step 2: Fill out the CSR information form 

Once you've chosen a CSR generator tool, you'll be asked to fill out a form with information about your website, including: 

Country – the two-letter country code of your organisation 

State/province – the state or province where your organisation is located 

Locality – the city where your organisation is located 

Organisation – the legal name of your organisation 

Organisational unit – the department or division within your organisation responsible for the website 

Common name (CN) – the fully qualified domain name (FQDN) of your website (e.g. www.example.com) 

Key size – you are given option of 2048-bit or 4096-bit, we recommend the 4096 as this has a higher encryption level. 

Some CSR generators might also ask to provide additional information, such as your email address and the type of server software you're using. 

Step 3: Generate the CSR 

Once you've filled out the form, click the "Generate CSR" or "Create CSR" button. The CSR generator tool will then create a text file containing the CSR and the private key for your website. 

Ensure that you keep a record of both the CSR and private key. 

Step 4: Submit the CSR to a Certificate Authority (CA) 

To obtain an SSL/TLS certificate for your website, you'll need to submit the CSR to a Certificate Authority (CA). The CA will use the information in the CSR to verify your website's identity and generate a digital certificate.  

When submitting the CSR, you'll typically be asked to provide additional information, such as your contact information and payment details. 

Step 5: Install the SSL/TLS certificate on your web server 

Once you've received the digital certificate from the CA, you'll need to install it. The process for installing the certificate will depend on the web server software you're using. You can typically find instructions for installing the certificate in the documentation for your web server software.  

With 20i, this is quick and easy process through our control panel. Here’s a guide on how to install a third-party SSL certificate