A Certificate Signing Request (CSR) is an encrypted text file used in the creation and issuing of your SSL certificate. This file contains an encrypted version of the information needed by a Certificate Authority (CA), such as VeriSign, to create and issue your new SSL. A CSR is always required when issuing an SSL Certificate.
EXAMPLE CSR:
-----BEGIN CERTIFICATE REQUEST-----
MIIBzDCCATUCAQAwgYsxHDAaBgNVBAMTE3d3dy50aGlzaXNhdGVzdC5jb20xCzAJ
BgNVBAYTAlpBMRkwFwYDVQQIExBXZXN0ZXJuIFByb3ZpbmNlMRIwEAYDVQQHEwlD
YXBlIFRvd24xEjAQBgNVBAoTCVRlc3QgQ29ycDEbMBkGA1UECxMSVGVzdGluZyBE
ZXBhcnRtZW50MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVzfmv7vJ9bOyQ
dxMLlgtDIEFz7MWsOUoZOPTq3qsTTXPW61q01jY8eQfs96I5xPjxALPeT4m74cce
UtYxldG7pLJiB3SGU94yvyvHDiyV+6mV/e++KWT2ql0Jv1emmobmAGdUxdx2pW9C
Epr0DmcVny6VGWAI36bG0NdYrNix4QIDAQABoAAwDQYJKoZIhvcNAQEEBQADgYEA
BfSHgDr9Vc460YG+lAiWuVWEife8B4QOojiV8oUxJJDqbA2CEEmXLWfa7/mfUtd5
EQd6voLDT8axpXPbOrmwa3kzEZvQZhg+QvKEyIfncqdWbDUk71tO0fVafBKwRQfE
73J/THmVABZuz9T6X3+KWGxGDiYw0sY3bE7OjBCwr14=
-----END CERTIFICATE REQUEST----- CSRs are most frequently created on the actual web server where your website is hosted. If you have access to your server's control panel or command line, you can likely generate your own CSR without additional help. Instructions for generating a CSR vary by web server. While Apache and Windows IIS are today's most popular web servers, for your convenience, we have also included instructions for generating CSRs on many other commonly used web servers.Once your CSR is created, you will be provided with both the CSR text (see example above) and the Private Key text. While the blocks of text may appear similar, they contain different encrypted information. Your CSR will be included in the final SSL Certificate while the Private Key is kept private (and is used to digitally sign your CSR).
When you are creating your CSR, you will be asked to provide several pieces of information: Common Name (i.e. the domain name where the SSL certificate will function), organization, country, key bit length (many SSL Certificates require a minimum of 1024 bits), email, and more.
Once your CSR and Private Key are supplied, be sure to save both the CSR and Private Key into a file where they will be accessible at a later time. DO NOT LOSE YOUR PRIVATE KEY. If you misplace your private key, you will likely have to generate an entirely new CSR and Private Key, as well as request a reissue of your SSL Certificate before you can digitally sign your certificate.
No comments:
Post a Comment