CSR Generation

Generate a Certificate Signing Request (CSR) and Private Key for your SSL certificate in seconds.

100% Free No Sign Up Required Private Key Never Stored

Certificate Signing Request (CSR) Information

Key Type

RSA 2048 Standard Default ✓

RSA 4096 Stronger ✓

ECC P-256 Fast ✓

ECC P-384 Strongest ✓

Domain Name (Common Name) *

For wildcard: *.example.com — protects all subdomains

Subject Alternative Names (SANs) (optional — recommended)

Chrome ignores CN since 2017 — add all domains you want the cert to cover here. Primary domain is included automatically.

Organization *

Organizational Unit (opt)

City / Locality *

State / Province *

Country *

Email Address *

Your private key will never be stored on our servers

Your Generated CSR & Private Key

Fill in the form on the left and click
Generate CSR to get started

Secure & PrivateKey generated locally on our server, never logged

No Data StoredWe don't store or transmit your information

OpenSSL CompatibleCSR is 100% OpenSSL compatible

Instant GenerationCSR and private key in just one click

Free Forever100% free to use. No hidden charges

How CSR Generation Works

Fill Details Enter your domain and organization details

Generate CSR We generate CSR and private key using OpenSSL

Download Files Download your CSR and private key to your device

Submit to CA Submit CSR to your SSL certificate provider

Install SSL After approval, install SSL on your server

What is a CSR?

The CSR Generator is a free online tool that creates a Certificate Signing Request (CSR) — the encoded file you submit to a Certificate Authority to request an SSL/TLS certificate. Normally, generating a CSR requires command-line access to your server and knowledge of OpenSSL syntax. This tool generates a valid CSR through a simple web form, making the process accessible to everyone.

The tool generates both the CSR and the private key pair. The private key must be installed on your server alongside the issued certificate — keep it secret and never share it.

How to Generate a CSR

Enter your Common Name — the domain or subdomain to secure (e.g. example.com)
Fill in organization details: name, country, state, city
Add any Subject Alternative Names for multi-domain certificates
Select key size: 2048-bit RSA (standard) or 4096-bit (higher security)
Click Generate CSR
Save both the CSR (to submit to CA) and the private key (for your server)

After Getting Your CSR

Submit the CSR to your chosen Certificate Authority (DigiCert, Let's Encrypt, Comodo, etc.)
Once the CA issues the certificate, install both the certificate and your private key on your server
Use our Certificate Key Matcher to verify they match

Free, browser-based, no login required.

Compatible With All Major Providers

Cloudflare

DigiCert

GoDaddy

Namecheap

ZeroSSL

Let's Encrypt

Frequently Asked Questions

What is a CSR (Certificate Signing Request)?

A CSR is a block of encoded text that you send to a Certificate Authority (CA) when applying for an SSL/TLS certificate. It contains your public key and organization information. The CA uses this to verify your identity and issue your SSL certificate.

Can I generate a CSR again using the same details?

Yes, you can generate a new CSR any time using the same details. However, each new CSR generates a new private key. Make sure to use the matching private key with the certificate issued for that specific CSR.

What is a Private Key?

The private key is the secret cryptographic key that pairs with your SSL certificate's public key. You must install it on your server alongside the issued certificate. Never share it with anyone — if compromised, revoke and reissue your certificate immediately.

Is it safe to use this CSR Generator?

Yes. Your private key is generated server-side and sent to your browser over HTTPS — it is never logged or stored. We recommend downloading it immediately and deleting it from your browser history if needed.

Which key type should I choose?

RSA 2048 is the industry standard and works everywhere. RSA 4096 is stronger but slower. ECC P-256 offers equivalent security to RSA 3072 with much smaller key size and faster performance — recommended for modern servers.

Where is my data stored?

We do not store your CSR, private key, or any form data you enter. All generated data is discarded immediately after your browser receives it. Your information stays private.