Lunarpages Web Hosting Forum

Author Topic: Can a CSR (Certificate Signing request) be generated on a different computer?  (Read 8402 times)

Offline magicmike

  • Newbie
  • *
  • Posts: 3
Hello,

I am trying to find information on generating a Certificate Signing Request using openSSL.

I have found plenty of info on the actual generation of the CSR, I just need to know if the CSR needs to be created on the server that I'm hosted on (SSH into it and create it).
Or can I generate the CSR myself on my own private server.

I think what I'm trying to pin down is, does openSSL use it's host computer as part of creating the "unique" certificate?

Thanks for any help,
Mike

Offline briensmith

  • Newbie
  • *
  • Posts: 4
A CSR or Certificate Signing request is a block of encrypted text that is generated on the server that the certificate will be used on. It contains information that will be included in your certificate such as your organization name, common name (domain name), locality, and country. It also contains the public key that will be included in your certificate. A private key is usually created at the same time that you create the CSR.

A certificate authority will use a CSR to create your SSL certificate, but it does not need your private key. You need to keep your private key secret. What is a CSR and private key good for if someone else can potentially read your communications? The certificate created with a particular CSR will only work with the private key that was generated with it.

Thanks

Computer Repairs Brisbane