User Tools

Site Tools


security:ssl:generate-csr

How to Generate A Certificate Signing Request (CSR)

A Certificate Signing Request (CSR) contains no private information other than what's provided. If you choose to set a passphrase for the CSR it will not be encrypted. The information provided to generate the CSR will be public information tied to the certificate when it's generated.

WHM

On the left hand side of WHM search for Generate an SSL Certificate and Signing Request.

On this page you'll be presented with an array of questions. Check the box labeled When complete, email me the certificate, key, and CSR. and enter an email address where you'd like the CSR emailed. It will be presented in WHM after the form is submitted but you should also keep it stored for your records or if it's needed to be easily obtained later.

From here proceed to Certificate Signing Request (CSR) Fields

cPanel

In cPanel click on the icon labeled SSL/TLS.

From this screen click the link Generate, view, or delete SSL certificate signing requests.

Once on the Generate, view, or delete SSL certificate signing requests. page, proceed to Certificate Signing Request (CSR) Fields

Certificate Signing Request (CSR) Fields

Private Key Options

Key Size

We recommend the default setting of 2048 bits.

Certificate Information

Domains

Provide the FQDNs that you wish to secure, one per line. To create and use a wildcard domain, add an asterisk to the domain name as in the following example: *.example.com. NOTE: Many CAs charge a higher price to issue multiple-domain certificates (sometimes called “UCCs” or “SAN certificates”) and certificates that include wildcard domains.

City

Provide the complete name for the city or locality. Do not use abbreviations.

State

Provide the complete name for the state or province. Do not use abbreviations.

Country

Choose the country of origin for the certificate’s company.

Company Name

Provide the legally-registered name for your business. If your company name includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.

Company Division

Provide the name of the division or group within the above company. If the division includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.

Email

Email address at which the CA can contact you to obtain verification of domain ownership.

Shared Secrets

We recommend this be left blank. If you choose to set a password here be advised that it is not encrypted.


When you click create you'll be presented with your CSR, a self-signed certificate, and the private key. If you chose to receive a generated email then you'll also receive a copy of this information via email.

The CSR in the first box is what you'll need to copy/paste or otherwise send to your certificate vendor.

cPanel

WHM

Do not share your private key with anyone outside of those directly installing it on your server! This is only needed server-side and is not needed by your SSL vendor. cPanel/WHM will save this for you so it can be automatically filled in when actually installing the certificate.

security/ssl/generate-csr.txt · Last modified: 2018/04/18 15:22 by Daniel P.