Skip to main content

CSR & Key

Asis Biswas
Updated

1. CSR & Key Introduction

In secure digital systems, especially when dealing with sensitive data such as financial records, secure communication is critical. This is where CSR (Certificate Signing Request) and Key Files play an important role.

A CSR is a file you create when you want to get an SSL/TLS certificate for your website or application. It contains important information like your domain name, organization details, and a public key. This file is sent to a Certificate Authority (CA), which is a trusted company that issues certificates. The CA checks your details and gives back a signed certificate. This certificate proves that your website is secure and trusted.

A Key File, on the other hand, is a private cryptographic key that stays securely on your system. It works with the digital certificate to encrypt and decrypt information. Think of it as the lock-and-key mechanism that ensures only the intended parties can access certain data.

The image displays the CSR and Key management screen, which is used to manage Certificate Signing Requests (CSR) and their corresponding key files. Each entry on the interface represents a certificate request generated for a specific user or system account, identified by an email or account label. This interface allows users to view basic details related to each CSR, such as who created it and the exact creation timestamp in CDT (Central Daylight Time). It provides quick access to download both the CSR file and the associated key file for external signing or certificate management purposes. 

 

 

 

  • Go to Administration
  • Click on Admin Settings
  • Click on CSR & Key under Admin Settings Action

 

 

 

 

  • The "Add CSR and Key" interface is used to generate a Certificate Signing Request (CSR) and its associated key file. These are essential components in obtaining a digital certificate for secure data transmission. The form collects organization-specific information that will be embedded in the certificate and used for validation by a Certificate Authority (CA). Each field is mandatory and must be completed accurately. Below is a detailed explanation of each field in the form:
  •  Country Name (2 letter code):  This field requires a two-letter country code that is compliant with the ISO 3166 standard. It represents the country where the organization is legally registered. The input must be entered in uppercase letters and reflect the country of the business location. This information ties the certificate to the appropriate region. 
  • State or Province Name (full name): This input should contain the full name of the state or province without abbreviations. It further refines the regional location of the organization within the selected country. The entry must match the official registration details of the company. It is used by the CA to verify the organization’s location.
  • Locality Name (eg, city): This field specifies the city where the organization operates. It helps localize the business within a specific geographic area. The information must be spelled accurately and reflect the company’s operational base. 
  • Organization Name (eg, company): 
    The organization’s full legal name must be entered here. This identifies the entity requesting the certificate and ties the CSR to a business record. The name must align with what is officially recorded with government or legal bodies. Providing a correct organization name is critical for trust and transparency. Any discrepancies may lead to certificate rejection.
  • Organization Unit Name (eg, section): 
    This field is used to indicate the internal department or division responsible for the request. It may refer to specific teams such as IT, Finance, or Security within the organization. This adds an extra layer of identification and helps with internal management of digital certificates
  • Common Name (e.g. server FQDN or YOUR name): 
    The common name must reflect the fully qualified domain name (FQDN) that the certificate will secure. It is the domain that users will interact with over secure protocols like HTTPS. The value must exactly match the domain configuration to avoid security warnings. This is one of the most critical inputs for SSL/TLS functionality. Errors in this field can render the certificate invalid.
  • Email Address: 
    This field is for the email address associated with the certificate request. It should be a valid and monitored address for receiving confirmation, updates, or renewal alerts. The email must belong to someone authorized to manage certificates on behalf of the organization. It’s also used during verification steps by the CA. 
  • Each of these fields must be completed carefully to avoid delays in the certificate issuance process. Properly generated CSRs and keys are foundational for secure online communication and compliance with security standards.

 

 

 

 

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk