CSR Generator

CSR Generator

Generate CSR (Certificate Signing Request) and private key online with just a single click. Simply fill out the form below and click the Generate keys button.

Two keys will be generated — a private key (you must keep it) and a public key (CSR).

Domain name: e.g. www.example.com or subdomain.example.com
For wildcard SSL certificates use: *.example.com
Organisation: If you are an individual, provide your full name
Org. unit: e.g. IT department
City: e.g. London
State or District: e.g. Knightbridge
Key type:
Verification code:   ←
  Include optional fields?

How to manually generate CSR

You can generate a CSR request (.csr) and a private key (.key) using a single openssl command.

Note: Make sure you backup the private key. The private key is in pair with the CSR request, so if you lose it, you will not be able to install your SSL certificate on server. However, if you lose your private key, you can apply for a free replacement (please note that some certificate authorities may not allow reissue).

On a Linux or Mac machine, simply navigate to the directory where you want to generate the CSR and private key. On a Windows machine, open a command prompt and navigate to your openssl / bin directory.

openssl req -new -newkey rsa:2048 -nodes -keyout private.key -out request.csr

Fill out the fields as prompted but keep in mind that some language-specific characters (e.g. á, é, ø, ü, ç…) and the following characters are not accepted: * / \ ( ) ? @ # $ . , < > ~ ! & % ^

Country NameUS(2-letter, ISO 3166-1 standard code)
State or ProvinceNew Hampshire(full State name)
LocalityPortsmouth(full City name)
OrganizationCompany name(or your full name)
Organizational Unit  Security(a department)
Common Name *www.your-domain.com(fully qualified domain name, or wildcard)

* Common Name

Common Name is the domain name you want to secure.

To secure a single domain both with "www" and without "www", you must prepend "www" (e.g. www.example.com). If you do that, most certificate authorities will do a little magic with the certificate, so it will cover both www.example.com and also example.com. But, if you submit a CSR for a domain name without "www", the certificate will not secure the domain with "www". This option usually cannot be changed once you complete the certificate's activation.

To secure a sub-domain (3rd-level domain or higher, e.g. sub.example.com), then fill in the sub-domain as it is without "www". The free extension is usually not applicable to sub-domains.

To secure unlimited sub-domains (applicable only to wildcard SSL certificates), prepend a wildcard character to the domain name (e.g. *.example.com). The wildcard character must be the first character.