Skip to main content

    What Is a CSR? Certificate Signing Request Explained

    A CSR (Certificate Signing Request) carries your public key and identity to a certificate authority when you order an SSL certificate. Here's what's inside.

    MS
    My-SSL Security Team
    ·
    11 min read
    ·
    Published July 12, 2026
    ·
    Last updated July 12, 2026

    In short

    A CSR (Certificate Signing Request) is a small, encoded block of text you generate on your server when you apply for an SSL/TLS certificate. It packages your public key together with the identity that will appear on the certificate — your domain name and, for higher validation levels, your organization — and it is signed with your matching private key to prove the two belong together. You send the CSR to a certificate authority; the CA validates it and issues a signed certificate built from the public key and details inside. The private key never leaves your server and is never part of the CSR.

    Every SSL certificate order asks for one at some point: "paste your CSR here." It arrives as an intimidating slab of base64 wrapped in -----BEGIN CERTIFICATE REQUEST----- lines, and it's easy to treat it as a magic string you copy without really knowing what it is. It's actually a simple idea: a CSR is how you ask a certificate authority to vouch for a public key, while keeping the matching private key entirely to yourself. Understand that one exchange and the rest of the certificate process stops being mysterious.

    What is a CSR, exactly?

    A CSR is a message you generate and send to a certificate authority to request a certificate. Formally it follows the PKCS#10 standard (RFC 2986): a structured block containing your public key, the identity details you want certified, and a signature made with your private key. That signature is the clever part — it proves you hold the private key that matches the public key, without ever revealing the key itself.

    Think of it as a sealed application form. The form states who you are and hands over one half of a lock (the public key); the seal is made with the other half (the private key) that stays in your pocket. Anyone can read the form, but only the holder of the private key could have sealed it. The CA checks the seal, verifies the identity claims independently, and then issues a certificate — its own signed statement that this public key really does belong to this domain.

    Crucially, the CSR is a request, not the certificate. It carries no authority on its own. Its whole purpose is to travel to a CA and come back transformed into something browsers will trust. If you understand how PKI establishes trust, the CSR is simply the on-ramp: the moment a key pair you generated enters the chain of trust.

    What's inside a CSR?

    A CSR holds three things: a subject, a public key, and a signature. The subject is your identity — at minimum the Common Name, which is the domain the certificate will protect, plus optional organization, locality, state, and country fields. The public key is the half of your key pair that will end up in the finished certificate. The signature binds the two together and proves you own the private key.

    The org fields only matter for higher validation levels. A domain-validated certificate ignores them — the CA only confirms you control the domain — while OV and EV certificates verify the organization details against public records, so accuracy there matters. One field that no longer lives in the CSR the way people expect is the list of extra hostnames: modern CAs usually take Subject Alternative Names from the order, not the CSR, which is why the Common Name has quietly become the least important part of the request.

    The anatomy of a CSRA labeled diagram of a Certificate Signing Request with three stacked parts. Top: the subject, holding the Common Name (your domain), plus optional organization, locality, state, and country fields. Middle, highlighted in gold: the public key, the part the certificate is actually built around. Bottom: the signature, made with your private key over everything above it, which proves you hold the matching private key. A side note reads that the private key itself is never inside the CSR.What a CSR actually contains1. Subject — who you say you areCommon Name (CN): the domain, e.g. www.example.comOrganization, Org Unit, Locality, State, Country(org fields only used for OV / EV validation)2. Public key — the part that gets certifiedRSA 2048+ or ECDSA P-256 / P-384The CA copies THIS into your certificate3. Signature — the proofSigns parts 1 + 2 with your PRIVATE keyProves you hold the matching private keyPrivate keystays on your serverNOT inside the CSR
    The gold band is the payload: the public key is the one part the CA lifts out and drops into your certificate. Everything else either describes it or proves you own its private half.

    The CSR and the private key: one pair, two halves

    Generating a CSR always produces two files at once: the CSR itself and a private key. They come from a single key pair, and they have opposite rules. The CSR is public — you can email it or paste it into an order form without a second thought. The private key is the secret that must never leave the machine it was made on. Mixing up their handling is the single most damaging CSR mistake there is.

    The reason both exist is that the certificate you eventually install only works when it can be paired with the private key. The certificate proves ownership of a public key; the private key is what actually performs the decryption and signing during a TLS handshake. So the CSR starts the process, but the private key finishes it. This is why "I got my certificate but lost the key" is an unrecoverable situation — the two are useless apart.

    One key pair splits into a public half that travels and a private half that staysA diagram beginning with a single key-pair generation step on your server. It splits into two paths. The public key, highlighted in gold, goes into the CSR and travels to the certificate authority. The private key stays behind a locked box on your server and never moves. A caption notes that if the private key is lost, the issued certificate becomes unusable.Same origin, opposite destinationsGenerate key pairon your server(one step, two keys)Public keygoes into the CSRCertificate Authorityreceives it, validates, signsPrivate keystays locked on the serverNever transmittedno copy leaves your serverLose the private key and the certificate you get back can't be used — there's nothing to pair it with.
    The CSR is the public key's boarding pass. The private key never buys a ticket — which is exactly why a certificate is worthless without the key that stayed home.

    How a CSR becomes a certificate

    When a CA receives your CSR, it does three things: it checks the signature to confirm you hold the private key, it independently validates the identity claims (domain control for every certificate, plus organization checks for OV and EV), and then it constructs a new X.509 certificate. That certificate wraps your public key inside the CA's own signed statement, with a serial number, validity period, and signature that the CA — not you — chooses.

    A common misconception is that the CA "signs your CSR" and hands it back. It doesn't. The signature on your CSR is only a proof-of-possession check; once the CA has used it to confirm ownership, it's discarded. The certificate the CA issues is a fresh document, signed with the CA's private key so that browsers — which already trust that CA — will trust your certificate by extension. Your public key is the one thing carried across from the CSR into the finished certificate.

    The four stages from key pair to installed certificateA left-to-right flow of four steps. One: generate the key pair and build the CSR. Two: submit the CSR to the certificate authority. Three, highlighted in gold: the CA validates domain control and, for OV and EV, organization identity, then signs a new certificate around your public key. Four: install the certificate alongside the private key you kept.From CSR to a trusted certificate1. Generatekey pair + CSRon your server2. SubmitCSR to the CAwith your order3. Validate + signCA checks control,issues certificate4. Installcert + private keyon the serverThe CA builds a brand-new certificate — it chooses the serial, validity, and signature; it does not reuse your CSR's signature.
    Step 3 is where the CSR stops being a request. The CA verifies you, then writes its own signed certificate around your public key — your CSR's own signature was only ever proof you held the private key.

    How do you generate a CSR?

    There are three common paths, and they produce the same PKCS#10 result. You can run OpenSSL on the server that will host the certificate, use your hosting control panel's built-in generator (cPanel, Plesk, IIS all have one), or use a browser-based tool. Whichever you choose, the golden rule is the same: generate the CSR where — or in a way that keeps — the private key safely under your control.

    OpenSSL on the server

    The command openssl req -new -newkey rsa:2048 -nodes -keyout example.key -out example.csr creates the key pair and CSR together and prompts you for the subject fields. Swap in -newkey ec -pkeyopt ec_paramgen_curve:P-256 for an ECDSA key. The private key file stays on the server; only the .csr goes to the CA.

    Your hosting control panel

    Panels generate the CSR and store the key for you, which is convenient but means the key lives wherever the panel keeps it. That's fine for most sites — just know where it is, because you'll need it at install time. Our step-by-step CSR generation guide walks through the fields and the panels one at a time.

    A browser-based generator

    If you'd rather not touch a command line, My-SSL's free CSR Generator tool builds the key pair and CSR entirely in your browser — the private key is created locally and never transmitted to any server — then lets you download both. It's a safe middle ground when you don't have shell access to the machine.

    Whatever you generate, verify it before you submit. Pasting the CSR into a decoder confirms the domain and organization fields are spelled correctly and the key size is what you intended — a two-minute check that saves a rejected order later.

    RSA or ECDSA? Key choices in your CSR

    The key type is decided when you generate the CSR, because the key pair is created first and the CSR is built around it. Under the CA/Browser Forum Baseline Requirements, a public certificate must use either an RSA key of at least 2048 bits or an ECDSA key on the NIST P-256, P-384, or P-521 curves. Those are your only two families, and both are fully trusted — the choice is about compatibility and performance, not security level.

    RSA 2048 is the safe default: every client that has ever spoken TLS understands it. ECDSA P-256 gives equivalent security with a much smaller key and faster handshakes, and it's the better modern choice for any stack that supports it — which today is essentially all current browsers and servers. If you want the full trade-off, our comparison of ECC vs RSA certificates lays out where each still makes sense. As of July 2026, the 2048-bit RSA floor and the approved ECDSA curves are unchanged in the Baseline Requirements.

    Common CSR mistakes and how to avoid them

    Most CSR problems trace back to a handful of avoidable errors: losing the private key that pairs with the CSR, mistyping a subject field, generating the CSR on the wrong machine, or submitting a CSR whose key falls below the current minimum. Each one shows up either as a rejected order or as a certificate you can't install. Here's how to sidestep the common ones.

    Discarding or misplacing the private key

    By far the most costly mistake. If you generate the CSR in one place and install the certificate in another, the private key has to make that trip too — a certificate without its key is unusable. Note where the key is saved the moment you generate it, and back it up somewhere only you can reach.

    Typos in the subject fields

    For OV and EV certificates the organization details are verified against public records, so a shortened company name or wrong locality can stall validation for days. Decode the CSR and read the fields back before submitting. For DV certificates the org fields are ignored entirely, so don't lose sleep over them there.

    A key below the current minimum

    A CSR built with an RSA-1024 key — or an unsupported curve — will be rejected outright, because it's under the CA/Browser Forum floor. Generate RSA at 2048 bits or higher, or ECDSA on an approved NIST curve, and this never comes up.

    Reusing one CSR and key everywhere

    Nothing stops you from reusing a CSR, but doing so reuses a single private key across many certificates, so one leak compromises all of them. Generating a fresh CSR and key pair per certificate keeps each one isolated — cheap insurance for a two-minute step.

    Frequently Asked Questions

    Get instant answers to common questions about SSL certificates and our services.

    Still Have Questions?

    Our SSL experts are available 24/7 to help with any questions about certificates, installation, or technical issues.

    The bottom line

    A CSR is the public, signed request that carries your public key and identity to a certificate authority, while its matching private key stays home — and that split is the whole point. When you're ready to make one, the free My-SSL CSR Generator creates the key pair and CSR in your browser, and the CSR generation guide covers the same job on OpenSSL and the major hosting panels.