What is CSR?
CSR is a certificate signing request. Generating a CSR is the first step for installing an SSL certificate and the below article guides on how to generate a CSR. A CSR is a small encoded file that contains information about the organization and the domain. It also contains the public key, which will be included in the certificate. A CSR thus generated, needs to be sent to the Certificate Authority (CA), to create your SSL certificate. The private key has to be kept safely with you. This generated SSL certificate will only work with your private key. Hence store your private key safely.
Information required for a CSR generation?
A CSR for an SSL/TSL certificate requires the following information:
- Common Name (CN): The primary domain name . (eg: yourdomain.com)
- Organization (O): The name of the company (eg: Your Company)
- Organization Unit (OU): The name of department within the company (eg: IT Department)
- Locality (L): The city where the company is located (eg: Mountain View)
- State (S): The state where the company is located (eg: California)
- Country (C): The two-letter country code (eg: US)
- Email Address: An email address of the company/applicant. This field is optional.
For a wildcard SSL certificate -. The Common Name is added with an asterisk in front of the domain name. (eg: *.yourdomain.com)
How to generate a CSR and private key?
If you want to generate a CSR on your cPanel server, follow the below steps:
1. Login to your cPanel account
2. Click on the ‘SSL/TSL’ option, under the ‘Security’ section.
3. Click the ‘Generate, view, or delete SSL certificate signing requests.’, under the ‘CERTIFICATE SIGNING REQUEST’ section.
4. On the next page, under Generate a New Certificate Signing Request (CSR), select ‘Generate a new “RSA, 2,048-bit” key’ option and enter the below details:
Domains, City, State, Country, Company, Company Division, E-mail, Passphrase, Description
5. Click Generate button. This creates CSR.
7. You can use the CSR Code generated under the Encoded Certificate Signing Request for SSL activation.
Note: Make sure to include the CSR code from —–BEGIN CERTIFICATE REQUEST—– to —–END CERTIFICATE REQUEST—– when submitting the CSR code for SSL activation.