Certificate Signing Request. How to Generate a CSR?

Here’s what you need to say on Certificate Signing Request (CSR)

CSR is an abbreviation for Certificate Signing Order, a very critical aspect of PKI. As indicated in the name itself, a CSR is an application – an application to sign a digital certificate to a certificate authority. In simple terms, beginning the certification process is a request form.

As we are all aware, digital certificates such as SSL / TLS certificates vouch for the identity of the party to which they were given. In retrospect, for your reputation, it is not the certificate but the certificate authority (CA) behind the certificate that serves as a witness and vouchers. To do so, the CA must first confirm that you are the person you say you are and verify your details through various methods provided by the CAB forum. This is where the CSR gets through.

A CSR includes details such as common name, name of organisation, unit of organisation, etc. A CSR has your Public Key, too. When creating your CSR, you must fill out these information carefully, as these information will be used to generate your certificate and check your identity and legitimacy. One small mistake and you will have to do it all over again.

Your key pair-Private Key and Public Key-is also generated when you create a CSR. The CA does not, of course, use the Private Key but the Public Key is included in the CSR.

Let’s get to understand the CSR nuts and bolts

What’s inside a CSR?

A CSR has the following aspects about it:

Common Name:

Don’t get confused by his name. It’s nothing more than the webserver’s Fully Professional Domain Name (FQDN). FQDN is the name you enter (with or without a www) in your browser. Your Common Name MUST have the same meaning. If not, there’s going to be a misalignment and that’s not good, Bob.

Name of Organisation:

That should be the organisation’s legally registered name. If you have suffixes like LLC., Inc., and Corp, you must have them, too. In the DV certificate case simply enter your name.

Category of Organisation:

Your organization’s division which manages the certificate (i.e., IT department).


You will reach the town you are located in here.

Province or state:

The state / province you are based in, or the organisation.


Pick the country you are located in, or your organization.


The email address where the files for the certificate are sent. If you want OV or EV SSL, it has to be of your company.

Besides these, there is an option to pick the algorithm Root Length and Signature. If you have no clear requirement, hold them as usual.

What exactly does it look like a CSR?

Get ready to be surprised, because a CSR looks like nothing you ‘d imagine. It is basically a string of alphabets, numbers and symbols which looks like an alien species letter. So, it looks like this:


How do I generate a CSR?

Although other certificate providers will tell you to type in tedious and boring OpenSSL commands, we’ve created an amazing, automated, and user-friendly tool that will help you generate your CSR in no time. Do you know which part is the best? It is FREE to everyone. Why are you waiting for, then? Head straight to our CSR generation tool and get your CSR developed.

And if you want to decode your CSR, then we do have a tool for that!

Aren’t we all awesome?

What’s the CSR up to?

After you have created your CSR, you MUST copy it and paste it into a text editor (i.e., notepad) and save it for your future needs.