A certificate signing request (CSR) is an encoded message that contains a public key and other relevant information such as a common name, locality and SAN entries (if applicable). Once all of the desired information has been entered during the CSR generation process, the request is digitally signed using a corresponding private key. The information found within a CSR is used by a Certificate Authority (CA) to verify and ultimately create your signed server certificate.
Instructions for generating a CSR depend on the server software you are using. Please refer to this FAQ for a list of CSR generation instructions for a wide variety of server platforms. If you are ordering a certificate from SSL.com, you can also generate a CSR in your web browser with CSR Manager, or with SSL Manager, our Windows application for ordering, installing, and managing digital certificates.
The set of identifying information entered when creating a CSR is known as the known as the Subject DN (Distinguished Name). For example, a CSR for an SSL/TLS certificate may contain the following fields:
• Common Name (CN): The Fully Qualified Domain Name (FQDN) of the website the certificate is intended to protect.
• Organization (O): The name of a company or organization.
• City/Locality (L): The name of a city or town.
• State/Province (S): The name of a state or province.
• Country (C): A two-letter country code.
Note that only the Common Name field is required by SSL.com when submitting a CSR for an SSL/TLS certificate, and the others are optional. For more information about the Common Name, please refer to this FAQ.
A CSR also contains a public key, and also may include SAN entries with additional domain names to be protected by the certificate.
