CSR Generator - Generate Certificate Signing Requests Online

Free online CSR Generator - Generate Certificate Signing Requests Online tool. No signup required.

Free & instant 100% client-side No signup needed

Certificate Information

Last updated

What is a CSR?

A Certificate Signing Request (CSR) is an encoded text file containing your public key and identifying information. You generate a CSR on your server and submit it to a Certificate Authority (CA) like Let's Encrypt, DigiCert, or Sectigo. The CA validates your information and issues an SSL/TLS certificate signed with their private key.

The CSR contains your domain name, organization details, and public key. The corresponding private key stays on your server and must be kept secret. When the CA returns your signed certificate, you install it along with the private key to enable HTTPS on your website.

CSR Components

CSR Format: 
-----BEGIN CERTIFICATE REQUEST-----
MIICvDCCAaQCAQAwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEx
FjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xFDASBgNVBAoMC0V4YW1wbGUgSW5jMRYw
... (Base64 encoded data)
-----END CERTIFICATE REQUEST-----

How to Use the CSR Generator

Step 1: Enter Certificate Information

Fill in all required fields marked with asterisks. Use your actual domain name for Common Name. Enter your organization's legal name and location. The country code must be exactly 2 letters (US, GB, CA, etc.).

Step 2: Generate CSR and Private Key

Click "Generate CSR" to create both the CSR and private key. Generation happens in your browser - no data is sent to any server. The private key is generated automatically and must be kept secure.

Step 3: Download Both Files

Download the CSR and private key immediately. Store the private key securely on your server with restricted permissions (chmod 600). Never share or lose the private key - you'll need it to install the certificate.

Step 4: Submit CSR to Certificate Authority

Copy the CSR and paste it into your CA's certificate request form. The CA will validate your information and issue a signed certificate. Install the certificate with your private key to enable HTTPS.

Common Use Cases

1. SSL/TLS Certificate Request

Generate a CSR when purchasing or renewing SSL/TLS certificates. Submit the CSR to your chosen CA (Let's Encrypt, DigiCert, Sectigo) to get a signed certificate for your domain.

2. Wildcard Certificate

Use *.example.com as the Common Name to request a wildcard certificate that covers all subdomains. Wildcard certificates are useful for sites with many subdomains.

3. Multi-Domain Certificate (SAN)

Some CAs allow you to add Subject Alternative Names (SAN) after submitting the CSR. This lets one certificate cover multiple different domains.

4. Internal Certificate Authority

Generate CSRs for internal certificates signed by your organization's private CA. This is common in enterprise environments for internal services.

5. Certificate Renewal

Generate a new CSR when renewing certificates. While you can reuse the old private key, generating a new key pair is more secure and recommended.

CSR Examples

Example 1: Generate CSR with OpenSSL

# Generate private key and CSR
openssl req -new -newkey rsa:2048 -nodes \
  -keyout private.key -out request.csr

# Generate CSR from existing key
openssl req -new -key private.key -out request.csr

Example 2: View CSR Contents

# Decode and view CSR
openssl req -in request.csr -noout -text

# Verify CSR signature
openssl req -in request.csr -noout -verify

Example 3: Extract Public Key from CSR

# Extract public key
openssl req -in request.csr -noout -pubkey

# View subject information
openssl req -in request.csr -noout -subject

Example 4: Generate CSR for Wildcard

# Wildcard certificate CSR
openssl req -new -newkey rsa:2048 -nodes \
  -keyout wildcard.key -out wildcard.csr \
  -subj "/C=US/ST=California/L=San Francisco/O=Example Inc/CN=*.example.com"

Example 5: Install Certificate

# After receiving certificate from CA
# Copy certificate and key to server
sudo cp certificate.crt /etc/ssl/certs/
sudo cp private.key /etc/ssl/private/
sudo chmod 600 /etc/ssl/private/private.key

# Configure web server (nginx example)
ssl_certificate /etc/ssl/certs/certificate.crt;
ssl_certificate_key /etc/ssl/private/private.key;

Frequently Asked Questions

What information do I need to generate a CSR?
You need your domain name (Common Name), organization name, city, state/province, and country code. Organizational Unit and email are optional but recommended.

Frequently Asked Questions

Yes, our Csr Generator is completely free with no registration required. Use it unlimited times without any restrictions.

Yes, all processing happens locally in your browser. Your data never leaves your device and is not stored on our servers.

No installation needed. The tool works directly in your web browser on any device.

Simply click the generate button and the tool will create a secure, random output instantly. You can customize options if available.

Yes, use the available options to adjust the output format and parameters to match your needs.