Redirecting you to

A Certificate Signing Request (CSR) is an encrypted message used by an applicant to request an SSL certificate from a Certificate Authority (CA). An SSL certificate cryptographically binds an entity's Public Key to identity information about that entity. A CSR, therefore, contains the identity information that will be included in your certificate (like your domain, company name, address and country) along with your public key. Before issuing your certificate, a certificate authority will validate the identity information in the CSR to ensure it is accurate.

How to Generate a CSR

CSRs are generated using webserver software such as IIS, Apache and Nginx and must be created on the server which the certificate is to be used. To create a CSR, you will typically follow a wizard on your web server software which will ask you to enter domain and identity details such as organization name and address. Once generated, a typical CSR looks like this:


Can you help me to generate a CSR?

Sectigo has a full range of help documentation which explain how to generate a CSR on popular webserver software. Please make sure to select 2048 bit key size when generating your CSR.

Sectigo also offers a Certificate Management platform for Apache and IIS which helps you quickly generate a CSR then automatically install your certificate.

What is the structure of a CSR?

When generating a CSR on your webserver, you will typically be asked to complete a short form containing the following fields:

Common Name (CN)The Fully Qualified Domain Name of the website you want to secure. For wildcards, add an asterisk (*.) before the domain name.Single Domain: CN = Wildcard : CN = *
Organization (O)The legally registered name of your company, including suffixes. The 'Organization' must be the legal registrant of the domain listed in the CN field.Acme Lug Nuts Inc.Smith Shoelaces Ltd.Ace Cloud Services Pvt
Organization Unit (OU)Usually a department within the company named in the O field.Accounts Dept.Human ResourcesIT Services
Town / CityName of the city in which your business is located. Please don't use abbreviations.SeattleBirminghamStrasbourg Sydney
Province, Region, County or StateRegion in which your business is located. Please don't use abbreviations.WashingtonWest MidlandsAlsaceNew South Wales
Country CodeTwo digit ISO country code for the country in which your business is registered.USUKFRAU
Email AddressAn email address that can be used to contact the organization. This is usually the certificate administrator.[email protected]

What do I do after I have generated my CSR?

You need to submit it to Sectigo as part of the certificate application process. For Instant SSL certificates, the CSR is submitted after purchasing.

To submit your CSR:

  • First generate a CSR for your domain using your webserver software. Make sure to specify a key size of 2048 bits.
  • Place an order for a certificate. Make sure the domain, company name and address details you enter on the order form match those in your CSR.
  • After submitting your order, do ONE of the following:
    • Click the 'Next Steps' button on the last page of the order forms: 

      Click Next Steps To Submit CSR

    • Login to your account at and click the 'Accelerate' button next to your incomplete order:

      Click Accelerate Button
    • This will take you to the certificate finalization page. On this page, click the 'Submit Your CSR' row and paste your CSR in the space provided:
      Submit and Paste Your CSR
    • Make sure to include the text '-----Begin Certificate Request-----' and '-----End Certificate Request-----'