How To Generate A CSR (Certificate Signing Request) For An SSL

Having to generate a CSR (Certificate Signing Request) to the Certificate Authority (CA) is a prerequisite before installing an SSL Certificate on your server, which is necessary to verify your website’s identity and ownership. A CSR is a document with your website’s public key and essential details about your company and domain. It is one of the first steps to get an SSL certificate from a CA.  

How to Generate a CSR

A Certificate Sighing Request is essential for obtaining SSL/TLS certificates, which encrypt data, enhance website security and protect online transactions. SSLs also help increase visitor trust and can improve search engine visibility.

Generating and submitting a CSR to the CA is a prerequisite before installing an SSL certificate on your server, guaranteeing the verification of your website’s identity and ownership. 

CSRs provide details about the company or person requesting the certificate, which CAs use to confirm domain ownership and the authenticity of the certificate request for a domain name. They also contain the public and private keys needed for encrypting data transfers between your website and visitors.

Generate A CSR (Certificate Signing Request) For An SSL - Domains.co.za DV SSL Certificate

To generate a CSR, you will need to provide the following details:

  • Business Name 
  • Business Address 
  • Key Type and Size (the minimum is 2048-bit) 
  • Domain Name (EXAMPLE: www.example.co.za). 

The generated CSR must be pasted into the order form when configuring your SSL certificates to ensure your domain is secure. Here are links to the instructions for generating a CSR for these common web hosting platforms: 

Apache Server (OpenSSL)

Apache Serve

PFX Import/Export

Ubuntu Server with Apache2

Microsoft Exchange Server

Exchange 2016

Exchange 2013

Exchange 2010

Microsoft IIS

IIS 10

IIS 8/8.5

IIS 7

Microsoft Lync

Lync 2013

Lync 2010

Tomcat Server (Keytool)

Tomcat Server

Java Based Server

Domains.co.za will generate a CSR for you and install and configure the SSL certificate for your website when it is issued for you on our server.

Additional Information

Best Practices to Generate a CSR

When you generate a CSR, selecting the right encryption strength for the private key is essential. Typically, a 2048-bit RSA key is recommended for strong security, but higher strengths, such as 3072-bit or 4096-bit, might be chosen for enhanced protection.

Ensure that the CSR includes accurate information that will remain valid for the duration of the SSL certificate’s validity (one year).

If your website requires SSL certificates for various subdomains or multiple domains, think about using wildcard or multi-domain certificates. Just keep in mind that these will need extra configuration when generating the CSR to include all necessary domains.

If there are security breaches or changes within your business, such as domain name change as part of a rebrand, either revoke or renew your SSL certificate. Familiarize yourself with the CSR update process and obtain new certificates from your Certificate Authority (CA).

Protect the CSR and private key by making secure backups; losing these files can hinder certificate installation or lead to security risks. Keep encrypted backups and restrict access to authorised personnel.

Get to know the specific industry regulations and local compliance standards related to SSL certificate issuance and management to guarantee compliance.

After installing the SSL certificate, evaluate and modify your server’s SSL configurations to enhance security. This includes activating protocols such as TLS, setting up cipher suites, and applying HTTP Strict Transport Security (HSTS) to strengthen protection against possible threats.

What Our Customers say...