A Certificate Signing Request (CSR) contains no private information other than what's provided. If you choose to set a passphrase for the CSR it will not be encrypted. The information provided to generate the CSR will be public information tied to the certificate when it's generated.
On the left hand side of WHM search for
Generate an SSL Certificate and Signing Request.
On this page you'll be presented with an array of questions. Check the box labeled
When complete, email me the certificate, key, and CSR. and enter an email address where you'd like the CSR emailed. It will be presented in WHM after the form is submitted but you should also keep it stored for your records or if it's needed to be easily obtained later.
From here proceed to Certificate Signing Request (CSR) Fields
In cPanel click on the icon labeled
From this screen click the link
Generate, view, or delete SSL certificate signing requests.
Once on the
Generate, view, or delete SSL certificate signing requests. page, proceed to Certificate Signing Request (CSR) Fields
We recommend the default setting of 2048 bits.
Provide the FQDNs that you wish to secure, one per line. To create and use a wildcard domain, add an asterisk to the domain name as in the following example: *.example.com. NOTE: Many CAs charge a higher price to issue multiple-domain certificates (sometimes called “UCCs” or “SAN certificates”) and certificates that include wildcard domains.
Provide the complete name for the city or locality. Do not use abbreviations.
Provide the complete name for the state or province. Do not use abbreviations.
Choose the country of origin for the certificate’s company.
Provide the legally-registered name for your business. If your company name includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.
Provide the name of the division or group within the above company. If the division includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.
Email address at which the CA can contact you to obtain verification of domain ownership.
We recommend this be left blank. If you choose to set a password here be advised that it is not encrypted.
When you click
create you'll be presented with your CSR, a self-signed certificate, and the private key. If you chose to receive a generated email then you'll also receive a copy of this information via email.
The CSR in the first box is what you'll need to copy/paste or otherwise send to your certificate vendor.
Do not share your private key with anyone outside of those directly installing it on your server! This is only needed server-side and is not needed by your SSL vendor. cPanel/WHM will save this for you so it can be automatically filled in when actually installing the certificate.