How to Create a CSR for Your SSL Certificate

 

Creating a Certificate Signing Request (CSR) for your SSL Certificate is the first step in getting the certificate activated.

A CSR is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate.

 

To generate your CSR please follow the guides provided:

Another method for easy CSR generation is https://csrgenerator.com/

It is very important to save the CSR block and RSA Private Key block when you generate the CSR. You WILL need these to configure and install your SSL certificate.

Generating a Certificate Signing Request

To generate the CSR you will need a few pieces of information that should be readily available to you.

Not sure if you need a Standard SSL Certificate or Wildcard SSL Certificate? Our SSL Certificate Guide will tell you all you need to know!

  • The Country your company is located in
  • The State your company is located in
  • The Locality (City) your company is located in
  • The Organisation name (Company name)
  • The Common Name (CN)
  • The Department name inside the company

The field that most people need help with is the Common Name (CN).
What is the CN? Simply put, it’s the domain or subdomain you are setting the SSL Certificate up for.

What you enter into the CN field for your CSR needs to be exactly correct, or the SSL Certificate will fail to issue.

 

 

Selecting a Common Name (CN)

If you are trying to setup a SSL certificate for www.domain.com and you also want to secure domain.com (if users do not type the www. before your domain) you will want to enter “www.domain.com” for your CN.

Entering www.domain.com will work for both www.domain.com and domain.com. This is the ONLY Common Name that will work for more than one domain/subdomain pair, unless you are purchasing a Wildcard SSL Certificate.

If you want to secure a specific subdomain that is not www., such as manage., you would enter that subdomain for the Common Name.

So, for manage.togglebox.com we would enter “manage.togglebox.com” as the CN.

Please note that in this case tbox-staging-clone472921.dal.togglebox.site and togglebox.com will NOT be able to use the SSL Certificate. Visitors to https://tbox-staging.dal.togglebox.site will receive a SSL Certificate mismatch error/warning in their browser.

 

I have my CSR, now what?

Great! You’re almost finished configuring the SSL Certificate for issuance.
The next step is to copy & paste the CSR block into the designated CSR field in the SSL Certification configuration page.

If you do not have the CSR when ordering you can always skip that part and enter it later on from your Account Portal at https://manage.togglebox.com/ -> SSL Certificates -> Click your Certificate.
Lastly, once you have the CSR entered you will need to contact our staff so the certificate can be issued.

 

 

Standard SSL Certificates

will only secure one domain or subdomain.

If you configure the CSR Common Name for manage.togglebox.com for example, only manage.togglebox.com can use the SSL certificate, all other subdomains and even the regular tbox-staging-clone472921.dal.togglebox.site will give SSL Certificate Errors/Warnings when users browse those URLS.

The only exception to this is that www.domain.com will work for both www.domain.com and domain.com. This does NOT work in reverse, though.

Setting the CSR Common Name (CN) to domain.com will NOT secure www.domain.com.

 

Wildcard SSL Certificates

will secure ALL subdomains of a domain and the domain itself.

With a Wildcard Certificate on togglebox.com, for example, all of the following will be secured under the one certificate; togglebox.com, tbox-staging-clone472921.dal.togglebox.site, manage.togglebox.com, secure.togglebox.com, etc.

 

Go here for more important information about SSL Certificates.