Quality TLS/SSL certificates for websites and internet projects.



How to create a Certificate Signing Request (CSR)

To ensure secure HTTPS communication on the Internet, it is necessary to have a private and public key on the server (hosting), which are used in asymmetric cryptography. In the case of Internet communication, the key is used to establish a secure connection between the browser and the server. The public key is confirmed by a trusted certification authority that receives a Certificate Signing Request (CSR). The CSR request contains, in addition to the public key, other information about the applicant and the domain. There are various options for generating keys.

For security reasons, we do not recommend generating a certificate request online on unknown sites. There is no guarantee that the private key will not be stored for possible misuse!

Easy certificate request generation in Control Panel

After ordering an SSL certificate, you can easily generate a certificate request, including the public key in the certificate detail. Generation is located in the Control Panel Detail -> Certificate information -> CSR: -> Edit. Selecting "Edit" will show Certificate CSR page, where you can insert your own request or select Generate new CSR from certificate order.

Control Panel - private key and CSR

To generate the request, select Generate new CSR from the order.
Company or EV certificate orders offer the option of modifying the Organization unit (OU] item at your own discretion. Domain certificates (DV) only allow the generation of keys, [OU] cannot be used.

Keys generating

Private key and request with public key

By confirming the form, the system generates a private key in PEM format (X.509) and a CSR request with a public key. For security reasons, we do not store the private key on our side! It is necessary to copy the key and save it to a file (eg key.txt or private.key), including hyphens at the beginning and end! Best in some text program like Notepad, Notepad ++ or others editors.
To insert a request (CSR) into the order, it is necessary to confirm the form by clicking on the SUBMIT button, which will save the request.

Creating private key and Certificate Signing Request (CSR)

As soon as the certificate is issued by the authority, the certificate will be sent to the technical contact's e-mail together with other authority certificates. These certificates, including the private key, are installed on the server where the domain for which the certificate was ordered is hosted. If the vendor takes care of the server, we recommend that you "zip" all received files with password protection and then send them for installation.

Own Certificate Signing Request

You can also insert own Certificate Signing Request. You can generate keys and CSR on server, with OpenSSL or request delivery from the vendor (server administrator). It is important that the request contains the correct information, such as the domain name and other required data.

For more detailed generation instructions, see OpenSSL - key generation, certificate requests.

Back to Help
Found an error or don't understand something? Write us!

CA Sectigo
CA Thawte
CA GeoTrust
CA DigiCert
CA Certum