General CSR Creation Guidelines
Before you can configure an SSL certificate, it is recommended that you generate a Certificate Signing Request (CSR) from your server or device.
A CSR is an encoded file that provides you with a standardized way to send the relevant Certificate Authority (CA) your public key as well as some information that identifies your company and domain name. When you generate a CSR, most server software asks for the following information: common name (e.g., www.example.com), organization name and location (country, state/province, city/town), key type (typically RSA), and key size (2048-bit minimum).
Required Information for a CSR:
1. Common Name (fully qualified domain name [FQDN] your certificate will secure)
2. Country (two-digit code - https://www.digicert.com/kb/ssl-certificate-country-codes.htm)
3. State or Locality (Full names, example; Gauteng, Western Cape)
4. Organization Name (full legal company or personal name as registered in your locality)
5. Organization Unit (department in your organization the certificate is for [e.g., IT or Marketing)
Generating a CSR for a Wildcard Certificate:
When generating a CSR for a Wildcard certificate, the common name must start with an asterisk (*) (e.g., *.example.com). The Wildcard character (*) can assume any name that doesn't have a dot character in it.
Once your CSR is created, you'll need to copy and paste it into the online order form when you go through the configuration process of your SSL certificate.
For step-by-step instructions on how to generate a CSR on common platforms and operating systems, please refer below:
Microsoft IIS:
Microsoft Exchange Server:
- Exchange 2016
- Exchange 2013
- Exchange 2010
Apache Server (OpenSSL):
- Apache Server
- Ubuntu Server with Apache2
- PFX Import/Export
Tomcat Server (Keytool):
- Tomcat Server
- Java Based Server
Microsoft Lync:
