What is a CSR?
Typically, a Certificate Signing Request (or CSR) code is generated upon your request by your hosting company for the website you want to secure with an SSL certificate.
However, you may generate a Certificate Signing Request code yourself (or your hosting company may advise you to do so). In which case, select your web server from the list below and follow the instructions.
- cPanel
- Apache OpenSSL/ModSSL/Nginx/Heroku
- WHM 11.48
- Tomcat (using keytool)
- Plesk 12
- Plesk Onyx
- IIS 7
- IIS 8
- IIS 10
- DirectAdmin
- Exchange 2007 (PowerShell)
- AWS
- Synology NAS
- Vesta CP
- Mac OS X
- Sun Java System Web Server 7.x
- Webmin
- Node.js
- Exchange 2013 (EAC)
- Exchange 2013 (Shell)
- Exchange 2010
- Glassfish
- Zimbra
- Google Cloud Service
- using MMC/Certreq/Powershell on a Windows-based server
- SonicWall
- Citrix NetScaler VPX
- CWP 7
- Certreq
Note: CSR codes should have no less than 2048-bit key size.
CSR Generation Notes
If you do not see your server type listed above, click on this link for tips to generate CSR provided by Comodo CA (now Sectigo CA).
Alternatively, the following online tool can be used to generate CSR: here. Please make sure to save both CSR and the Private Key codes, as the latter one will be required for the certificate installation process on the server.
If you are activating a Multi-domain certificate, and your server does not allow you to generate a CSR for multiple common names, activate your certificate using just one common name. You will be able to add all required SANs through ZTABOX during the activation process.
Please note: Normally, a dedicated IP address is required for SSL installation. However, you may install your SSL certificate on a shared IP address using the Server Name Indication (SNI) protocol extension available in your cPanel. You can learn more about the differences between a dedicated IP and SNI technology in the SNI Technology guide. When contacting our support team regarding this issue, please specify whether you wish to order a dedicated IP address or have your SSL installed on a server's shared IP.