Set Up: Step 2: Generate a Certificate Signing Request (CSR) in cPanel
NOTE: This article is for users who are purchasing an SSL Certificate from another provider for a domain name that is hosted on a Doteasy account. If you are transferring your existing SSL certificate to Doteasy, you do not have to generate a new CSR. Simply upload the SSL certificate and the original private key to your Doteasy account.
Alternatively, you can purchase an SSL certificate from Doteasy, and we will install it for you, free of charge.
A Certificate Signing Request (CSR) is a block of encoded text that is submitted to the Certificate Authority (ie. SSL certificate provider) for the creation of your SSL Certificate. Within the block of encoded text is information used to create your SSL Certificate, such as your organization name and domain name, as well as a public key.
In other words, you only need to generate a CSR if you are in the process of purchasing your SSL certificate from a third-party provider. If you already purchased the SSL from the third-party provider, you can skip to Upload SSL Certificate.
Generate a CSR
- Click SSL/TLS under Security in cPanel.
- Click on Generate, view, or delete SSL certificate signing requests under Certificate Signing Requests (CSR).
- Under Generate a New Certificate Signing Request (CSR), select the private key from the Key menu.
- If the desired private key does not appear in the menu, you can select the Generate a new 2,048 bit key option to generate a new key. Alternatively, you can add a new private key from the Private Keys section.
- Enter your domain name into the Domains textbox. This is the domain name which the SSL Certificate will be installed on.
- Enter the requested information:
City Enter the full name of the city in which your company or organization is registered/located. State Enter the full name of the state or province where your company or organization is located. Country Select the country in which your company or organization is legally registered. Company Enter the legally-registered name for your company or organization. NOTE: Your company/organization must be the legal registrant of the domain name in the certificate request. Company Division You can use this field to differentiate between divisions within your company or organization. For example, “Human Resources” or “Operations”. If inapplicable, simply leave this field blank. Enter your or your company’s email address. NOTE: The email address is only used for the CSR generation; it can be left blank if desired. Passphrase Some certificate authorities may require CSRs to have a passphrase. The passphrase is then used as identification and verification purposes. This field can be left blank if desired. Description You can add a short description or keywords for easier management. This field can be left blank if desired.
- When ready, click Generate to generate the new CSR. You will be shown the newly generated CSR.
Your CSR should start with -----BEGIN CERTIFICATE REQUEST----- and end with -----END CERTIFICATE REQUEST-----
Here’s an example of what your CSR will look like. NOTE: This is just an example and cannot be used to generate an SSL Certificate.
-----BEGIN CERTIFICATE REQUEST----- MIIB3zCCAUgCAQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdHZW9yZ2lhMRAw DgYDVQQHEwdBdGxhbnRhMREwDwYDVQQKEwhHZW9DZXJ0czEaMBgGA1UECxMRSW5l cm5ldCBNYXJrZXRpbmcxGTAXBgNVBAMTEHd3dy5nZW9jZXJ0cy5jb20xITAfBgkq hkiG9w0BCQEWEmFkbWluQGdlb2NlcnRzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB jQAwgYkCgYEA5KOi+RnRzBuBQeFYjrwZg1sfT7zr4L8j0Khuoj621x+lGBmFC76c kGclUIQBmuyp9T9NrNqAjGtEmgdFr6cWLJtgXgi+BaZDLX9BMYF49NuTggNoEUMX crQRAENHb2YthG2SEcF5p98RNcDPzWOA3a4AMvgkxDlDGYUhbcQhnt0CAwEAAaAA MA0GCSqGSIb3DQEBBAUAA4GBAIapt6Tw0BTYUwEAX0/oKvaaN/ghErR85jdW7xOD b1hL0yNfb495A7e/IQyBEP5a/v+QUOtibHS4geiPhH9etAI+DSQmctjbf6dMGJql gCXGwlsTbjPOSmNT+/X2Uvf1BlplwqAMDghEuFHsjshlypz1NEg94ri2K9N1VrBs
-----END CERTIFICATE REQUEST-----
The newly generated CSR will also be added to the SSL Certificate Signing Request on Server table. When you order an SSL Certificate you will be asked for the CSR code. You can simply copy and paste the code to send it to the certificate authority.