AES Encryption Explained: How It Works and Why It Matters
Jun 23, 2026
Generate Certificate Signing Requests with RSA or ECDSA keys for SSL/TLS certificates.
A Certificate Signing Request (CSR) is a block of encoded text that contains information about your organization and public key. It is submitted to a Certificate Authority (CA) to obtain an SSL/TLS certificate for your domain.
The CSR includes your public key and distinguished name (DN) information. The corresponding private key must be kept secret and is never sent to the CA.
No. Your CSR and private key are generated in a temporary directory, displayed to you once, and then immediately deleted. The key is not stored, logged, or retained in any way.
RSA is universally supported and recommended for compatibility. ECDSA offers equivalent security with smaller key sizes and faster performance, but older clients may not support it. For most modern websites, either is fine.
The CA validates your domain ownership and organization details (for OV/EV certificates), then issues a signed SSL/TLS certificate. You will install this certificate along with your private key on your web server.
A passphrase adds an extra layer of security. However, it means you will need to enter the passphrase every time your server starts. Many production setups use unencrypted keys (no passphrase) stored securely with restricted permissions.
Blog
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026