A CSR is a block of encrypted text created on the server that will use an SSL certificate.
The creation of a CSR is the first step in registering a SSL certificate. A CSR is a block of encrypted text that is created on the server that will use the certificate. It contains information that will be included in your certificate such as your organization name, common name or domain name, locality, and country.
It also contains the public key that will be included in your certificate. A private key is usually created at the same time that you create the CSR. A certificate authority (CA) will use the CSR to create your SSL certificate.
During the creation of the CSR, you will be prompted to provide certain information about your organization. The web server software will use this information to create your web server certificate's distinguished name (DN). Distinguished names uniquely identify individual servers.
After all of the necessary data is collected the CA will use this data to build the certificate. How a CSR is generated depends on the web server software used. Once the CSR is generated, it can be submitted to the CA. If the request is successfully validated, the CA will issue the SSL certificate.
A CSR requires the following information:
- Country Code: This two-letter International Organization for Standardization (ISO) format country code for the country in which an organization is legally registered.
- State or Province: Name of state, province, region, or territory where an organization is located. Abbreviations should not be used, the full name must be entered.
- City or Locality: Name of the city or locality in which your organization is registered or located. Abbreviations should not be used, the full name must be entered.
- Organization: The legally registered of a business. The listed organization must be the legal registrant of the domain name in the certificate request. If a small business or sole proprietor is creating the certificate, the certificate requester's name should be entered in the "Organization" field, and the doing business as (DBA) name in the "Organizational Unit" field.
- Organizational Unit: This field is used to differentiate between divisions within an organization. For example, "Engineering" or "Human Resources." If applicable, a DBA can be entered in name in this field.
- Common name: This field is for the (CN) of the business submitting the CSR and it must be the fully qualified domain name (FQDN) for the website using the certificate, for example, "www.example". The "http://" or "https://" prefixes should not be included in the common name nor should a personal name be entered in this field.