Frequently Asked Questions

What is a CSR?

A Certificate Signing Request (CSR) is a block of encoded text that contains information about the entity requesting the certificate and the public key that will be included in the certificate. When you generate a CSR, you are creating a request for a Certificate Authority (CA) to issue you an SSL/TLS certificate.

Why do I need a CSR?

A CSR is required when applying for an SSL/TLS certificate from a Certificate Authority (CA). It provides the CA with the information needed to create your certificate. Without a CSR, the CA would not have the necessary information to issue a certificate that correctly identifies your organization and domain.

What information is included in a CSR?

A CSR typically includes your domain name (Common Name), organization name, organizational unit, locality (city), state/province, country, and email address. It also contains the public key that will be included in your certificate. This information helps the CA verify your identity and create a certificate that correctly identifies your website or organization.

How is a CSR generated?

A CSR is generated by creating a key pair (consisting of a private key and a public key) and then using the private key to sign a request containing your identification information. The CSR includes the public key and is sent to the CA, while the private key remains securely on your server. Our tool handles this process for you, generating both the private key and CSR in your browser.

Is my data secure?

Yes. All CSR generation happens in your browser. Your private key and CSR are never transmitted to any server. The private key is particularly sensitive and should be kept secure, as it's used to decrypt communications that are encrypted with the public key in your certificate.

What do I do with the CSR?

Submit the CSR file to your chosen Certificate Authority when applying for an SSL/TLS certificate. The CA will verify the information in the CSR and issue a certificate based on this information. Keep your private key secure as you'll need it to install the certificate once issued. Never share your private key with anyone, including the CA.

What types of certificates can I request with a CSR?

You can use a CSR to request various types of SSL/TLS certificates, including:

• Domain Validation (DV) certificates - verify domain ownership only
• Organization Validation (OV) certificates - verify domain ownership and some organization information
• Extended Validation (EV) certificates - provide the highest level of validation and verification
• Wildcard certificates - secure a domain and all its subdomains
• Multi-domain certificates - secure multiple domains with a single certificate

Can I reuse a CSR?

Yes, you can reuse a CSR for certificate renewals or to obtain additional certificates, as long as the information in the CSR remains accurate. However, for security reasons, it's often recommended to generate a new key pair and CSR when renewing certificates, especially for high-security applications.