What is a Certificate Signing Request (CSR)?

A Certificate Signing Request (CSR) is an encrypted message used by an applicant to request an SSL certificate from a Certificate Authority (CA). An SSL certificate cryptographically binds an entity's Public Key to identity information about that entity. A CSR, therefore, contains the identity information that will be included in your certificate (like your domain, company name, address and country) along with your public key. Before issuing your certificate, a certificate authority will validate the identity information in the CSR to ensure it is accurate.

How to Generate a CSR

CSRs are generated using webserver software such as IIS, Apache and Nginx and must be created on the server which the certificate is to be used. To create a CSR, you will typically follow a wizard on your web server software which will ask you to enter domain and identity details such as organization name and address. Once generated, a typical CSR looks like this:


Can you help me to generate a CSR?

Comodo has a full range of help documentation which explain how to generate a CSR on popular webserver software. Please make sure to select 2048 bit key size when generating your CSR.

Comodo also offers a free certificate management utility for Apache and IIS which helps you quickly generate a CSR then automatically install your certificate.

What is the structure of a CSR?

When generating a CSR on your webserver, you will typically be asked to complete a short form containing the following fields:




Common Name (CN)

The Fully Qualified Domain Name of the website you want to secure. For wildcards, add an asterisk (*.) before the domain name.

Single Domain: CN = www.domain.com
Wildcard : CN = *.domain.com

Organization (O)

The legally registered name of your company, including suffixes. The 'Organization' must be the legal registrant of the domain listed in the CN field.

Acme Lug Nuts Inc.
Smith Shoelaces Ltd.
Ace Cloud Services Pvt.

Organization Unit (OU)

Usually a department within the company named in the O field.

Accounts Dept.
Human Resources
IT Services

Town / City

Name of the city in which your business is located. Please don't use abbreviations.


Province, Region, County or State

Region in which your business is located. Please don't use abbreviations.

West Midlands
New South Wales

Country Code

Two digit ISO country code for the country in which your business is registered.


Email Address

An email address that can be used to contact the organization. This is usually the certificate administrator.


What do I do after I have generated my CSR?

You need to submit it to Comodo CA as part of the certificate application process. For Comodo Instant SSL certificates, the CSR is submitted after purchasing.

To submit your CSR:

  • First generate a CSR for your domain using your webserver software (see help documentation). Make sure to specify a key size of 2048 bits.
  • Place an order for a certificate at www.instantssl.com. Make sure the domain, company name and address details you enter on the order form match those in your CSR.
  • After submitting your order, do ONE of the following:
    • Click the 'Next Steps' button on the last page of the order forms:

      Click Next Steps To Submit CSR

    • Login to your Comodo account at https://www.comodo.com/login/comodo-members.php and click the 'Accelerate' button next to your incomplete order:

      Click Accelerate Button
    • This will take you to the certificate finalization page. On this page, click the 'Submit Your CSR' row and paste your CSR in the space provided:
      Submit and Paste Your CSR
    • Make sure to include the text '-----Begin Certificate Request-----' and '-----End Certificate Request-----'

Can I check my CSR?

Yes. Simply paste your CSR into Comodo's CSR decoder page to view its details and identify any errors. Visit https://secure.comodo.com/utilities/decodeCSR.html to get started.