What is the Certificate Signing Request (CSR)?
A Certificate Signing Request (CSR) is a block of encoded texts forwarded to a Certificate Authority (CA) when users apply for a certificate, such as an SSL/TLS certificate. CSR is created on the server where the certificate will be installed. CSR includes information such as domain name, organization name, locality, and country. The request also contains the public key, which will be associated with the certificate generated, and the same server also generates the private key. When developing the certificate, CA would only use the public key, and the private key should be saved and kept secret, as the private key is the key pair of the public key, and the certificate would not work if we lose the private key.
A CSR contains:
Fully qualified domain name (FQDN) of the server, such as encryptionconsulting.com.
Legal name of the organization such as ‘Encryption Consulting LLC.’
Division of the organization, such as IT Department, or Marketing.
City, where the organization is located, such as Prosper.
such as Texas
such as the US
Email address to contact the organization, such as email@example.com
The public key which will be associated with the certificate.