Heartbleed Urgent Service Notice!
About the CSR
The Certificate Signing Request (CSR) is a small, encrypted text file. The CSR contains all the necessary information needed by a Certificate Authority (CA), such as GeoTrust, to generate and issue a new SSL certificate. Simply put, the CSR is the first and most important step in applying for an SSL certificate. You can't get one without it.
Below is an example of what your CSR will look like. This is a example only and cannot be used to generate your SSL certificate.
The CSR is typically generated by the web server software on the server where your site is hosted. In most cases the CSR can be generated by you if you have access to your server via web interface control panel or command-line. How you generate the CSR depends on the brand of web server software your site is hosted on. The most popular are Apache and Windows IIS. We have a list of CSR how-to's for many popular web servers. In other cases your hosting provider may need to help you. This is a very common request for hosting companies and they should be willing to generate a CSR for you or point you in the right direction to do it yourself.
When the Web Server generates the CSR it is actually generating a Private and Public Key pair. The private key is kept secret and the public key is bundled into the CSR. The CSR is digitally signed by the private key which proves to the CA that the Web Server has possession of the private key (called proof of possession). Your site's domain name, your business/organization's legal name, city, state, and country are also part of the CSR.
You will be asked for several pieces of info which will be used by GeoTrust to create your new SSL certificate. These fields include the Common Name (aka domain, FQDN), organization, country, key bit length, etc. Use the CSR Legend in the right-hand column of this page to guide you when asked for this information. The following characters should not be used when typing in your CSR input: < > ~ ! @ # $ % ^ / \ ( ) ? , &
How-to generate a CSR for popular web servers.
Learn more about the CSR at Wikipedia.
When generating your CSR you will be asked to input a few pieces of info. Below are some common fields with descriptions and examples.
Common Name (CN)
The fully-qualified-domain name for your certificate. Examples include...
The exact legal name of your organization. Do not abbreviate your organization's name. Example: Metro Realty LLC or Flowers by Jenny
Organizational Unit (OU)
The section or division of the organization. Example: Sales, Support, Customer Service
City or Locality (L)
The city where your organization is legally located. Cannot be abbreviated. Example: Atlanta
State (S) or Province
The state or province where your organization is legally located. Cannot be abbreviated.. Example: Georgia
The two-letter ISO Country Code abbreviation for your country. Example: US, CA, GB (must be two-letters)
Any email address. This field is arbitrary but must be filled in. GeoTrust will not use this email address to process your order. Example: email@example.com
Key Bit Length
The key bit length has to do with the initial key exchange, not the encryption strength of your certificate. GeoTrust recommends a key bit length of 2048.
Our Customers(see more)