What is a Certificate Signing Request (CSR)?

The Certificate Signing Request (CSR) is a small, encrypted text file. The CSR contains all the necessary information needed by a Certificate Authority (CA) to generate and issue a new SSL certificate. Simply put, the CSR is the first and most important step in applying for an SSL certificate. You can’t get one without it.

Below is an example of what your 2048-bit CSR will look like. This is a example only and cannot be used to generate your SSL certificate.

-----BEGIN CERTIFICATE REQUEST----- MIIC0TCCAbkCAQAwgYsxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJOWTERMA8GA1UE BxMITmV3IFlvcmsxEDAOBgNVBAoTB0V4YW1wbGUxEDAOBgNVBAsTB0V4YW1wbGUx FDASBgNVBAMTC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4 YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUjlAfFU jDqBHV18Avpfq3LJEmb9YWgPOYJMz05jFaRKS/UdUnW4u4512QMcq5Kqcj049glu s9moU28SSQ9L9ZBnUHtsbMNM6E5+/XgaJW0bJofm5QWrVfsEsILkiWFexrWVM8/Q GaZZ/SW+0e4p0azQPkT2C8L59ewykvNRN4I9rKMAAHRSpD/JqShzMtQj9tpm9QxK pLm6h4nIkNOqVPetkv0WljwhIVsETZIcSeOFDlHKojTHHFBLr8ACnOp4IylZMdVI qFcTA/fx6NJ9CSpt2EiGV4J4ky8+QT9Ed4NS9tTDUKxxph4N8URF5UzCvfJGZxvS YVse5l73olCJyQIDAQABoAAwDQYJKoZIhvcNAQEEBQADggEBAJOnMCNMx6a+arZA iLrThXjndfFDfFgQ0NzG1fA94wlzH4FoU4Q8nDf8e820Do4ad734Co63u9ZtUI6A +hVE0JQsv+p/vP4E+MKhvycnKZSQ56dkVKCDs05WMB5XhVZ6etFqKpvYBHWFOJPc Z9k3vMUywa2X086TKA6ZsqS2/kroUCjGcHIIHL2KHRhYIjSrCIwXiqN+dSV4Etcc axQVy48KCCB7DJ6/S7sVYT62we/WJnzlF+5YAjseojGUBsEBYfK4bd76l4wfHhJj VLSC1B0Uf4+B311Hf98NYJqLUnfDVfCpLZT+WngQz/OUi0X4crnNL9EV5g215bOu qN0wzJk= -----END CERTIFICATE REQUEST-----
  
The CSR is typically generated by the web server software on the server where    your site is hosted. In most cases the CSR can be generated by   you if you have access to your server via web interface control   panel or command-line. How you generate the CSR depends  on the brand of web    server software your site is hosted on.
When the Web Server generates the CSR it is actually generating a Private   and Public Key pair. The private key is kept secret and the public key   is bundled into the CSR. The CSR is digitally signed by the private key   which proves to the CA that the Web Server has possession of the private   key (called proof of possession). Your site’s domain name,   your business/organization’s legal name, city, state, and country are also   part of the CSR.
You will be asked for several pieces of info which will be used by the Certificate Authority to create  your new SSL certificate. These fields include the Common Name (aka domain, FQDN), organization, country, key bit length, etc. Use the CSR Legend in the right-hand column of this page to guide you when asked for this information. The following characters should not be used when typing in your CSR input: < > ~ ! @ # $ % ^  / \ ( ) ? , &
 
In order to verify the validity of your CSR, you can use the following tool to quickly decode your certficate request.
 
Decode CSR

What is a Certificate Signing Request (CSR)?

Connect with us on social media!

© 1996– Superb Internet Corporation

Related Articles

How do I verify that a private key matches its certificate?

How do I install an SSL certificate in Windows 2008 with IIS?

How do I install an SSL certificate in Windows 2003 with IIS?

How do I install an SSL certificate in Apache2?

How do I generate a CSR in Windows 2008 with IIS?

How do I generate a CSR in Windows 2003 with IIS?

Connect with us on social media!

© 1996– var CurrentYear = new Date().getFullYear() document.write(CurrentYear) Superb Internet Corporation

© 1996– Superb Internet Corporation