1. Knowledge Base
  2. >
  3. Results
  4. >
  5. How To Generate a CSR in cPanel

How To Generate a CSR in cPanel


If you need to read more information on CSR and on how to request it online, please read the article below:

Below are the steps to generate a CSR through the cPanel, which is available with the change to enable AutoSSL and Let's Encrypt.

You may find some links below that will redirect you to your cPanel and its features, provided that the following conditions are met.
  • You are logged into your Customer Portal. You can also log in after clicking the link.
  • The hosting package you are attempting to access is either Shared or Cloud.
  1. Log in to cPanel.
  2. Look for the Security section, then click on SSL/TLS.

    cPanel - SSL/TLS

  3. Under Certificate Signing Requests (CSR), click the Generate, view, or delete SSL certificate signing requests link.

    cPanel - Certificate Signing Requests

  4. Fill out the necessary fields on the next page. When filling in the details, use only alphanumeric characters.

    cPanel - Generate Certificate Signing Requests

    • Key* - A completely new Private Key will be generated if you select Generate a New 2048-bit key. If the private key was generated separately, select it from the dropdown.
    • Domains * - The fully qualified domain name on which the SSL will be activated. The domain name for all Wildcard certificates should be written with an asterisk in front (*.hgexample.com). To create your CSR for multiple domains, enter each domain in a new line.
    • City* - The complete name for the city or locality. Do not use abbreviations.
    • State* - The complete name of the state or province. Do not use abbreviations.
    • Country* - The country of origin for the certificate's company from the dropdown list.
    • Company* - The legally-registered name for your business. If your company name includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.
    • Company Division - The name of the division or group within the above company. If the division includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.
    • Email - A valid email address where you can be contacted to verify domain ownership.
    • Passphrase - Some certificate authorities may require CSRs to have a passphrase. The certificate authority can use a CSR passphrase to confirm the identity of the person or organization with whom you wish to communicate. CSR passphrases are stored unencrypted in the CSR. Because of this, and because you will share this passphrase with a third party, do not use an important password here.

      A passphrase is a word or phrase that protects private key files. It prevents unauthorized users from encrypting them. Usually, it's just the secret encryption/decryption key used for Ciphers. Usually, we do not set up this protection on SSL certificates.

      A passphrase is optional, and without it, SSL can still be imported on SiteLock.

      If we protect the private key with a passphrase, then Apache Webserver cannot use it unless we supply Apache with the passphrase each time it restarts or reboots. And since keeping that passphrase stored in the filesystem would defeat the point of the passphrase, that means having some method to pass the passphrase to Apache from externally each time it restarts or reboots.

      If the private key is not encrypted, its protection comes from only the superuser who can read it. Therefore, it relies heavily on the system's integrity and is highly protected, and chances of comptonization are significantly less.

      Note: The CSR will automatically generate without a passphrase if you install a FREE SSL.

      You can use this free online service https://www.ssllabs.com/ssltest/which performs a deep analysis of the configuration of any SSL web server.

    • Description - Keywords to locate a particular CSR in the list quickly.
  5. Click Generate.
  6. Congratulations! You can now use the Encoded Certificate Signing Request to activate the certificate purchased with HostGator or any other certificate provider. Please include -----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST----- when submitting the CSR code for SSL activation.