Have a question or solution? Be sure to visit the SSL.com IT Security Q&A community site.
Ssl_seal_1_ev

Home : Important Notes on generating a CSR
Q10000 - INFO: Important Notes on generating a CSR

Instructions for generating a Certificate Signing Request (CSR) are dependant on the webserver software you are using. Just select the webserver software you are using from the list in this category.

SSL Server Certificates are compatible with all secure webserver software. If the webserver software you are using is not listed, please contact support@ssl.com with complete details of your webserver software (please be sure to included the vendor name, software title and version of the software).

Important Information:

Understanding the Common Name
Before you can enroll for a SSL Server Certificate, you must generate a CSR from your webserver software. During the creation of the CSR, the following fields must be entered: Organization (O), Organizational Unit (OU), Country (C), State (S), Locality (L), and Common Name (CN). The Common Name field is often misunderstood and is filled out incorrectly.

The Common Name is typically composed of Host + Domain Name and will look like "www.yoursite.com" or "yoursite.com". SSL Server Certificates are specific to the Common Name that they have been issued to at the Host level. The Common Name must be the same as the Web address you will be accessing when connecting to a secure site. For example, a SSL Server Certificate for the domain "domain.com" will receive a warning if accessing a site named "www.domain.com" or "secure.domain.com", as "www.domain.com" and "secure.domain.com" are different from "domain.com". You would need to create a CSR for the correct Common Name. When the Certificate will be used on an Intranet (or internal network), the Common Name may be one word, and it can also be the name of the server.

Related Articles
No Related Articles Available.

Article Attachments
No Attachments Available.

Related External Links
https://info.ssl.com/faq-can-i-create-a-subdomain-domain-com-wildcard-how-about-subdomain-com/
https://info.ssl.com/faq-can-i-use-wildcard-domains-in-my-ucc-certificate/
https://info.ssl.com/howto-generate-a-csr-for-windows-2012iis-8-5/
https://info.ssl.com/howto-generate-a-certificate-signing-request-csr-using-cpanel/
https://info.ssl.com/howto-generate-a-csr-for-openssl-see-tools-ssl-com/
https://info.ssl.com/?s=csr
Help us improve this article...
What did you think of this article?

poor 
1
2
3
4
5
6
7
8
9
10

 excellent
Tell us why you rated the content this way. (optional)
 
Comments...
What does the common name need to match? Does it need to match the node name (uname -n) plus the domain name? Does it need to match the DNS record for the domain? If the server is behind a firewall with a public address of 123.123.123.123 and the HTTPS requests are forwarded to 192.168.0.2 can the common name be 123.123.123.123? What constitutes a match? Approved: 8/21/2014
Created on 5/11/2004.
Last Modified on 2/5/2015.
Last Modified by Administrator.
Rated 5 out of 10 based on 3567 votes.
Print Article
Email Article