CSR is an encoded file that provides you the way to send your public key to the SSL certificate provider along with some information that identifies your details including domain name and company. To order an SSL certificate from any registrar, you should first generate a CSR from your hosting account and provide it when asked in the process. The certificate provider servers will ask the details such as common name/domain name, organization name, location, key type, and key size. At the time of the CSR generation, you will include all these details in the connection which helps the certificate provider to verify your identity.
So, if you decided to buy an SSL certificate for your website and migrate from HTTP to HTTPS, it is the time to generate CSR from your hosting account. For this, just follow these steps.
Steps to Generate CSR using cPanel
These steps are only applicable if you have a cPanel dashboard with your hosting account. Luckily, most of the popular web hosting companies including Siteground, Bluehost, GoDaddy, etc. included this future in all of their plans to make it extremely easy to install SSL certificates. Follow the below-given steps to generate CSR using cPanel.
1. Generate Private Key
- Log in to cPanel account.
- Click on SSL/TLS Manager option located in Security section (If you can’t find it, just search in the search box.)
- Click on the Generate, view, upload, or delete your private keys option under the Private Keys (KEY) section.
- You will be brought to the next screen where you can see a section saying Generate a New Private Key. Select or fill the options such as Key Size value (It is recommended to choose at least 2048 bits key size).
- After filling the details, click on Generate.
- You will be given the generated Private Key in encoded and decoded formats.
- The private key will be automatically saved on your account. Click on the Return to SSL Manager button.
2. Generate Certificate Signing Request
- You are currently at the SSL/TLS Manager screen right?
- Click on Generate, view, or delete SSL certificate signing requests option placed under the Certificate Signing Requests (CSR) option.
- You will see an option saying Generate a New Certificate Signing Request (CSR) in the next page. Here, you have to select the Private Key, which was generated in the phase 1. Use the dropdown list under the Key section to select the Private Key. Selecting the ‘Generate a New 2048-bit key’ option will result in a creation of an entirely new Private Key.
- Fill the information required for the CSR code that will be submitted to a Certificate Authority. You have to enter the details such as Domain, City, State, Country, Company, and E-mail. Be sure to provide the correct information and enter it only in alphanumeric characters.
- Click on the Generate button at the bottom.
- That’s it, you’ve successfully generated the CSR code which you can use while purchasing the SSL.
- Click on the Return to SSL Manager button.
Be sure to include —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—– lines when submitting the CSR code for the SSL activation from the provider.
The CSR is ready. Now you have to install it on your website, right? Follow the steps in our guide on installing an SSL certificate.
Remember these while generating Certificate Signing Request with cPanel
There are few things you should be aware during the CSR creation process. We are listing few important points below. Have a look at them.
- Never use the symbols or special characters such as “.,;-@#$%^&!*)(-+=<>?/: in any important fields like your company info or address. Be sure to use the letters, numbers, and allowed characters only.
- Some certificate registrars may not support a bit key length size of more than 2048. But it is very rare to have a registrar with such problems. But it is recommended to go with the 2048.
- Few certificate registrars have strict rules in the format of the file. In most of the cases, the standard supported format is the plain text ASCII Base64 (pem) encoded format.
If you got any errors during the process which is related to the CSR, you should confirm you followed these guidelines. If you found there is a deviation, you may need to regenerate the CSR from your hosting provider panel. Then continue from where you left off. We know, creating a self-signed SSL certificate can be hard sometimes.
Problems you may face during cPanel CSR generation process
The CSR generation process using cPanel is very simple and can be completed by almost anyone. Even though, there are also few chances of occurring problems during the process. So, we shared some of the most found problems during the CSR generation process.
1. No SSL section in cPanel
If you cannot find an SSL section in your cPanel dashboard, it is most likely that it is implemented somewhere else. If your hosting provider uses any custom implementations for providing SSL certificates, they may have removed the option from cPanel. To make sure of the issue, you can simply reach out to their support and inquire about it. It is unlikely that any modern hosting providers doesn’t support the SSL implementations because of the mandatory HTTPS enforced by the popular browsers.
2. Invalid CSR
It is extremely unlikely that you face an “invalid CSR” error during the certificate registration process using cPanel. With the help of ongoing updates and well-thought-out implementation of the current stable version of the cPanel, most of the hosting companies will ensure you get a seamless certificate generation process. However, in some rare cases, especially if you are using a new or bad web hosting service, it is possible that you come across the invalid CSR issue. The solution for this problem is Regenerating CSR once again. If the problem is not going away, you will have to contact your hosting provider. They will check and fix the issue for you.
Sometimes, You don’t have to create a CSR
If you absolutely cannot create a CSR using cPanel, the truth is that you don’t even need one or install a custom certificate. Most of the popular hosting providers such as Siteground and GoDaddy comes with free SSL certificates. You can learn how to get a free SSL certificate to own one. Let’s Encrypt is the most widely adopted choice for free SSLs.