How to Generate a CSR

A Certificate Signing Request (CSR) is a block of encoded text containing information about your domain and organization. You'll need to generate a CSR before purchasing an SSL certificate. This guide covers how to create one using OpenSSL or our free online tool.

What is a CSR?

A CSR contains details like your domain name (Common Name), organization name, location, and contact information. When you purchase an SSL certificate, the Certificate Authority (CA) uses this CSR to issue your certificate.

Using MySSLPro's CSR Generator Tool

For a quick and easy way to generate your CSR, use our free online tool. It guides you through the process and generates the CSR code automatically.

Link: MySSLPro CSR Generator

Simply fill in the required fields (domain name, organization name, location, etc.) and the tool will provide you with your CSR and private key.

Using OpenSSL (Linux/macOS)

If you prefer a manual approach or have server access, you can use OpenSSL via the command line. Open your terminal and run the following command:

openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.com.key -out yourdomain.com.csr

You will be prompted to enter information:

Country Name (2 letter code): e.g., US
State or Province Name: e.g., California
Locality Name (city): e.g., San Francisco
Organization Name: e.g., My SSL Company
Organizational Unit Name (e.g. section): e.g., IT Department
Common Name (e.g. server FQDN or YOUR name): e.g., `www.yourdomain.com`
Email Address: e.g., [email protected]
A challenge password: (Optional, but recommended)

This command will generate two files: `yourdomain.com.key` (your private key) and `yourdomain.com.csr` (your CSR file). Keep your private key secure and do NOT share it. You will need to provide the content of the `.csr` file to your CA.

Using OpenSSL (Windows)

If you have OpenSSL installed on Windows, the process is similar. You can run the same command in your Git Bash or Windows Subsystem for Linux (WSL) terminal.

Important Notes

Common Name (CN): For SSL certificates, this should always be the fully qualified domain name (FQDN) you want to secure (e.g., `www.yourdomain.com`). If you need to secure multiple domains, consider a Multi-Domain (SAN) or Wildcard certificate and generate CSRs accordingly.
Organization Name: For OV and EV certificates, this must be your legally registered company name.
Private Key Security: Never share your private key (`.key` file). It's essential for the security of your SSL certificate.

💡

Need help? If you're unsure about any step, our support team can assist you.

What is a CSR?

Using MySSLPro's CSR Generator Tool

Using OpenSSL (Linux/macOS)

Using OpenSSL (Windows)

Important Notes

Related Guides

Need an SSL Certificate?