How to Generate a CSR

When applying for an SSL certificate, you must create a CSR (Certificate Signing Request) and submit it to the Certificate Authority (CA) for validation. On this page, you will find over 70 tutorials explaining how to generate a CSR on different platforms. Also included is an FAQ section covering the most common questions about CSR generation.

How to Manually Generate a CSR?

Manually creating a CSR requires access to the server on which you intend to install your SSL certificate. Depending on your platform, you will generate the CSR code via a web control panel or with the OpenSSL utility using SSH (Secure Shell) protocol.

To create the CSR file, you must provide details about your company and the website you wish to encrypt. The system will then produce the CSR. Below we’ve listed step-by-step instructions on how to generate a csr for an SSL certificate for various platforms.

CSR Generation Guides

We’re always updating our CSR generation guides and list of platforms to bring you the most precise instructions for your particular server. You can browse them by category or use the CTRL + F shortcut to locate your system name.

Most Popular Platforms

Microsoft Platforms

Linux Platforms

Web Servers

Application Servers

Control Panels

Cloud Platforms

Mail Servers & Gateways

FTP Servers

Network systems, Firewalls and VPNs

Other Platforms

CSR for a Code Signing Certificate

If you don’t have access to your server or can’t find your platform in the lists above, use our CSR generator tool to create the CSR file.

Save 10% on SSL Certificates when ordering today!

Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10

Save 10% Now!

Frequently Asked Questions

What is a CSR?

A CSR or Certificate Signing Request is a block of encoded text with your contact data that you must submit to the certificate authority (CA) to validate your SSL certificate request.

Copy Link

Where do I generate a CSR file?

You can generate the CSR code directly on your website’s server or via a CSR generator tool and then upload the CSR code to your platform.

Copy Link

What information will I be asked to generate a CSR?

You must provide the following information:

  • Country Name
  • State or Province Name
  • Locality Name
  • Organization Name
  • Common Name (the FQDN -Fully Qualified Domain Name you want to secure)

Copy Link

How often do I need to generate a CSR?

You must generate a CSR code every time you apply for a new certificate or are renewing your expiring cert. The CA uses the up-to-date data from your CSR to validate and issue your SSL certificate.

Copy Link

What is needed to generate a CSR?

To generate the CSR, you must have access to your server or use a third-party tool that will automatically create the CSR files after you submit the required data.

Copy Link

How long does it take to generate CSR?

The CSR generation itself is instant. The only time you’ll spend is filling in the required CSR fields with your contact information.

Copy Link

What happens when you generate a CSR?

The system or platform on which you generate the CSR will create two text files. The file with the .csr extension will contain your CSR code, while the file with the .key extension will include your private key.

Copy Link

What access is needed to generate CSR?

To generate the CSR on your server, you need access to your control panel or secure shell terminal. You can also create the CSR externally via a CSR generator tool directly from your browser.

Copy Link

How to generate multi-level SSL CSR?

When you generate a CSR via an external tool such as a CSR generator, you should enter one single domain name or sub-domain. The rest of the domains or sub-domains, known as SANs (2nd, 3rd, 4th domains or sub-domains), should be included in the fields for additional domains. You will find the additional domain fields on the SSL Certificate configuration form.

If you generate the CSR with OpenSSL, you need to create a new file named req.conf and add more DNS entries. Here’s the command line to request the CSR:

openssl req -new -out request_name.csr -newkey rsa:2048 -nodes -sha256 -keyout request_name.key -config req.conf

Copy Link

How to generate a CSR from an existing certificate?

It’s not recommended to use an existing CSR when applying for a new SSL certificate, as re-using the same key over very long periods may compromise website security.

Copy Link

How to generate a CSR for a wildcard certificate?

When generating a CSR for a Wildcard SSL certificate, you must add an asterisk (*) in front of the domain name you want to secure. For example, you would enter *.yourdomain.com in the Common Name field.

Copy Link