Knowledgebase Article
Generating a CSR (Certificate Signing Request)
What a CSR Actually Is
A Certificate Signing Request, commonly called a CSR, is a block of encoded text generated on your server that contains your domain information and a public key, submitted to a certificate authority as part of ordering an SSL certificate. Generating a CSR also creates a matching private key on your server, which must remain secure and is never shared with anyone, including the certificate authority.
Whether you need a CSR for Domain Validation (DV) SSL: Fast Setup Guide, Organization Validation (OV) SSL: Requirements and Setup, or any other certificate type, the underlying process is largely the same, with OV and EV requiring more detailed organization information within the request.
Information You Will Need
Before generating a CSR, have the following ready. Your exact domain name, entered precisely as it will appear in the certificate, since a mismatch will cause issues later. Your organization's legal name and location, required for OV and EV certificates, though optional for DV. Your organization's department name, if relevant, though this field is often left blank or generic.
Generating a CSR in cPanel
Within cPanel, navigate to the Security section and look for SSL/TLS. Select the option to generate a private key and CSR together, then fill in your domain and organization details as prompted. Once generated, cPanel will display your CSR text, which you will copy and submit to your certificate authority when ordering your certificate.
Generating a CSR in Plesk
Within Plesk, navigate to Websites and Domains, select the relevant domain, and look for SSL/TLS Certificates. Choose the option to add a new certificate, then generate a CSR by filling in the same domain and organization details. Plesk will similarly display the generated CSR text for you to copy.
Keeping Your Private Key Secure
The private key generated alongside your CSR must never be shared with anyone, including your certificate authority, since it is what allows your server to prove ownership of the certificate once issued. If your private key is ever compromised, your certificate should be reissued immediately with a new key pair.
What Happens After Submission
Once you submit your CSR to a certificate authority, they use it to generate your actual SSL certificate, matched specifically to the private key still stored on your server. You cannot use a certificate issued from a different CSR than the one originally submitted, since the private keys will not match.
Next Step
Once your certificate authority issues your certificate, see Installing an SSL Certificate on cPanel/Plesk to complete the installation process using the certificate alongside the private key already stored on your server.