How do I generate the Certificate Signing Request (CSR) for my SSL certificate?

The following document informs you of the process of generating a digital certificate. For help with obtaining a digital certificate see the following article: How do I obtain an SSL certificate?

Certificate Signing Request (CSR)

The certificate signing request (CSR) must be created from a 2048-bit or larger key pair. Check the Sectigo's How-to Guides for your particular web server and instructions for generating a certificate signing request. At some point during the process you will be prompted to enter values for the following six  (Sectigo recommends only three [CN, SAN, Country]) fields that will be encoded in your certificate:

  • Common-name :

  • Subject Alternate Names (DNS) :,

  • Organization : University of Illinois at Chicago

  • Organizational Unit : Department Name

  • Locality : Chicago

  • State : Illinois

  • Country : US

Enter the appropriate values for your server (Common-name) and department (Organizational Unit). All other fields should be entered exactly as shown: no abbreviations (IL, must be Illinois), punctuation, capitalization, extra spaces, et cetera. 

If you are prompted for a webmaster’s email address, phone number, or challenge phrase, enter any reasonable values. These three items are optional and not actually used to create your certificate.

Once you have generated your CSR, visit our request form to have a certificate generated.

CSR Generation using OpenSSL


How to generate a Certificate Signing Request on Apache Mod_SSL/OpenSSL

CSR Generation using Microsoft IIS

Microsoft IIS 5.x & 6.x 

Microsoft IIS 7.x 

Microsoft IIS 8.x 

General Help on CSR Generation 


Note: As an alternative to the manual instructions on this page, Comodo offers a free utility which will automatically install your certificate on your IIS website; SSL Management without the hassle.


Article ID: 808
Fri 1/15/21 6:09 PM
Sat 2/6/21 7:57 PM