en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

Generate a Certificate Signing Request (CSR) in macOS Keychain Access

How to Generate a CSR in macOS Keychain Access

Time needed: 15 minutes.

To order your certificate from SSL.com, you need to generate a Certificate Signing Request (CSR). To generate a CSR in macOS Keychain Access you’ll need to:

  1. Open Keychain Access.

    Open the Keychain Access application, located at /Applications/Utilities/Keychain Access.app.
    Keychain Access.app

  2. Open Certificate Assistant.

    Select Keychain Access >> Certificate Assistant >> Request a Certificate From a Certificate Authority… from the menu.
    Request a Certificate From a Certificate Athority

  3. Enter email address and common name.

    In the Certificate Assistant window that opens, enter your email address in the User Email Address field. Then, enter the Fully Qualified Domain Name (FQDN) of the website this certificate will protect in the Common Name field (depending on the certificate type, this may be a wildcard, such as *.example.com). Leave the CA Email Address field blank. Check the Saved to disk radio button.
    Enter email address and common name

  4. Choose to specify key size and algorithm (optional).

    If you want to change the default key size and algorithm for the key pair (optional), check the Let me specify key pair information checkbox.
    Let me specify key pair information

  5. Continue.

    Click the Continue button.
    Continue button

  6. Save CSR.

    In the dialog box that appears, give the CSR a filename with the extension .certSigningRequest, choose a location to save it, and click the Save button.
    create filename

  7. Select key size and algorithm (optional).

    If you checked the optional Let me specify key pair information checkbox in step 4 above, you will be prompted to choose the Key Size and Algorithm from the drop-down menus. After setting them, click Continue. If you did not check the box this prompt will not appear.
    Select key size and algorithm

  8. Show in Finder.

    Your new CSR will be saved to disk in the location you specified. Clicking the Show In Finder… button will open a Finder window with the CSR file.
    Show In Finder

  9. Close Certificate Assistant.

    Click the Done button to close the Certificate Assistant window.
    Done button

  10. Confirm key pair generation and installation.

    You can confirm that your new key pair has been generated and installed in your system by clicking All Items in the left-hand Category menu of the main Keychain Access window and typing the Common Name for the new CSR in the search box at the upper right.
    Search for key pair

  11. Open CSR in a text editor.

    Open the new CSR file in a text editor to copy and paste it when ordering certificates from SSL.com. See our how-to on Ordering and Retrieving SSL/TLS Certificates for instructions on using your new CSR in certificate orders. For information on installing your certificate, please see our how-to, SSL/TLS Installation on macOS 10.14 Mojave.
    CSR in text editor

Video: CSR Generation on macOS 10.15 (Catalina)

Subscribe to SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com