How to create a Certificate Signing Request (CSR)
To ensure secure HTTPS communication on the Internet, it is necessary to have a private and public key on the server (hosting), which are used in asymmetric cryptography. In the case of Internet communication, the key is used to establish a secure connection between the browser and the server. The public key is confirmed by a trusted certification authority that receives a Certificate Signing Request (CSR). The CSR request contains, in addition to the public key, other information about the applicant and the domain. There are various options for generating keys.
Easy certificate request generation in Control Panel
After ordering an SSL certificate, you can easily generate a certificate request, including the public key in the certificate detail. Generation is located in the Control Panel
Detail -> Certificate information -> CSR: -> Edit. Selecting "Edit" will show Certificate CSR page, where you can insert your own request or select Generate new CSR from certificate order.
To generate the request, select Generate new CSR from the order.
Company or EV certificate orders offer the option of modifying the Organization unit (OU] item at your own discretion. Domain certificates (DV) only allow the generation of keys, [OU] cannot be used.
Private key and request with public key
By confirming the form, the system generates a private key in PEM format (X.509) and a CSR request with a public key. For security reasons, we do not store the private key on our side! It is necessary to copy the key and save it to a file (eg key.txt or private.key), including hyphens at the beginning and end! Best in some text program like Notepad, Notepad ++ or others editors.
To insert a request (CSR) into the order, it is necessary to confirm the form by clicking on the SUBMIT button, which will save the request.
As soon as the certificate is issued by the authority, the certificate will be sent to the technical contact's e-mail together with other authority certificates. These certificates, including the private key, are installed on the server where the domain for which the certificate was ordered is hosted. If the vendor takes care of the server, we recommend that you "zip" all received files with password protection and then send them for installation.
Own Certificate Signing Request
You can also insert own Certificate Signing Request. You can generate keys and CSR on server, with OpenSSL or request delivery from the vendor (server administrator). It is important that the request contains the correct information, such as the domain name and other required data.
For more detailed generation instructions, see OpenSSL - key generation, certificate requests.
Back to Help
Found an error or don't understand something? Write us!