What is a CSR?

CSR code (Certificate Signing Request) is a specific code and an essential part for the SSL activation. It contains information about website name and the company contact details. For many reasons, the code should be created on the hosting server end. On some servers, it is the obligatory condition.

Note: Many hosting providers offer CSR code generation assistance to their clients where possible. Thus, it is worth checking with the web-hosting company whether they provide such service and whether it is available on your hosting plan.

CSR generation instructions

You can generate a Certificate Signing Request code yourself, e.g. if you manage the hosting server on your own or if this is the best option for your server type/hosting plan. In this case, select your web server from the list below and follow the instructions.

  • Apache OpenSSL/ModSSL/Nginx/Heroku
  • AWS
  • Certreq
  • cPanel
  • CWP 7
  • Citrix NetScaler VPX
  • DirectAdmin
  • Exchange 2007 (PowerShell)
  • Exchange 2010
  • Exchange 2013 (EAC)
  • Exchange 2013 (Shell)
  • Glassfish
  • Google Cloud Service
  • IIS 7
  • IIS 8&10
  • ISPConfig
  • Mac OS via Keychain
  • Mac OS X Server/Yosemite/El Capitan
  • Namecheap EasyWP App
  • Node.js
  • Plesk 12
  • Plesk Onyx
  • SonicWall
  • Sun Java System Web Server 7.x
  • Synology NAS
  • Tomcat (using keytool)
  • Unifi
  • Vesta CP
  • Webmin
  • WHM
  • Windows with OpenSSL
  • Zimbra
  • using MMC/Certreq/Powershell on a Windows-based server

CSR Generation Notes

If you do not see your server type listed above, click on this link for tips to generate CSR provided by Sectigo Certificate Authority (CA).

Alternatively, the following online tool can be used to generate CSR: https://decoder.link/csr_generator. You will find the instructions on how to use it in this article. Please make sure to save both CSR and the Private Key codes, as the latter one will be required for the certificate installation process on the server.

If you are activating a Multi-Domain certificate, and your server does not allow you to generate a CSR for multiple common names, activate your certificate using just one common name. You will be able to add all required Subject Alternative Names (SANs) through your FastSSL account during the activation process.

Please note: Normally, a dedicated IP address is required for SSL installation. However, you may install your SSL certificate on a shared IP address using the Server Name Indication (SNI) protocol extension available in your cPanel. You can learn more about the differences between a dedicated IP and SNI technology in the SNI Technology guide. When contacting our support team regarding this issue, please specify whether you wish to order a dedicated IP address or have your SSL installed on a server’s shared IP.