Generate a Certificate Signing Request (CSR) in CPanel using the Paper Lantern Theme


Generating a New Private Key
Creating the CSR

Paper Lantern is the newest theme for cPanel environments. If your hosting environment uses cPanel, you may create a Certificate Signing Request (or CSR) via the SSL/TLS Manager. Any CSR request will be linked to a private key, which can also be created in the SSL/TLS Manager. This article will show you how to make a new private key and then create a CSR.

This video also provides step by step instructions – it is for cPanel using the x3 theme, but the steps are similar:

If you are using cPanel with the default x3 theme, see this article for instructions on creating a private key and CSR. Again, the steps are identical – both x3 and Paper Lantern are just themes built over cPanel.

To begin, log into cPanel and open the SSL/TLS Manager.

TIP: Type “ssl” into cPanel’s Find field to narrow down what it displays.


Generating a New Private Keyd

1) On your SSL/TLS Manager page, look under the Private Keys heading and click the “Generate, view, upload, or delete your private keys” link.



2) The Private Keys page will display any existing keys and give the option to create new ones.



3) To create a new private key, first select a key size from the dropdown menu.

cP_PL_04 recommends using a key size of 2,048 bits.

4) Enter a unique description to identify your new private key and click Generate to create it.


Putting the date in the description is a good way to keep track of which keys were created when.

5) You will see your private key displayed, both as encoded and decoded text. Click Return to SSL Manager to proceed to the next step.


Creating the CSRd

1) In your SSL/TLS Manager page, look under the Certificate Signing Requests (CSR) heading and click the “Generate, view, or delete SSL certificate signing requests” link.


2) The SSL Certificate Signing Request page will show you any existing CSRs on your server and allow you to create new CSRs. All the information required for your SSL certificate will be entered on this page.



3) To begin the process of creating your CSR, click the dropdown menu under the Key heading and select a private key to use.


4) In the Domains field, enter the fully qualified domain name (or FQDN) for the site you are going to protect with this certificate. (Some certificates can cover multiple sites with different FQDNs – for advice, take a look at our knowledge base article on this subject).



5) Next, enter your geographical information in the City, State and Country fields. Do not use abbreviations for your city or state, and select the two-letter code for your country from the dropdown menu provided.


6) The Company field is required, while the Company Division is optional (but can definitely be used to clarification what department or section of your organization is responsible for this request). As a rule, do not use special characters in these fields.

7) Finally, enter an email address (required) and if desired a passphrase and a description (both optional – see note below) for your CSR. Click Generate when finished.

cP_PL_12 does not require a passphrase for your CSR. Since this passphrase is easy to read and shared with others, do NOT use a password you employ anywhere else if you choose to include a passphrase in your does recommend including a description to assist you in distinguishing this CSR going forward. Including the date is helpful.

8) You will then be shown your CSR, both encoded and decoded. Copy and paste the encoded text (including the beginning and ending lines) into the “CSR” field in your account when ordering an SSL certificate.

To exit this page, click the Home menu item to return to your cPanel, or click the “Return to Private Keys” or “Return to SSL Manager” links at the bottom of the page