CSR is abbreviated from Certificate Signing Request. A CSR is and encoded file to submit to the Certificate Authority (CA) to create your public/private key pair used for encrypting and decrypting secure transactions.
Use your Web server software to generate the CSR, you will receive two codes : CSR and Private Key (Private Key should be kept or backed up on the web server to use for the installation). To submit only CSR to Certificate Authority (CA).
When you generate a CSR, most server software asks for the following information :
Common Name : MUST be the fully-qualified domain name (FQDN) for the website you will be using the certificate for (e.g., www.example.com). Do not include the "http://" or "https://" prefixes in your common name. Do NOT enter your personal name in this field.
Organization : The name under which your business is legally registered. The listed organization must be the legal registrant of the domain name in the certificate request. Suggestion!!! MUST match with the Domain Owner on WHOIS.
Organizational Unit : Use this field to differentiate between divisions within an organization. For example, IT, Engineering, and so on.
City/Locality : Name of the city/locality in which your organization is registered/located. Please spell out the name of the city/locality. Do NOT abbreviate.
State/Province : Name of state, province, region, territory where your organization is located. Please enter the full name. Do NOT abbreviate.
Country Code : The two-letter country code for the country in which your organization is legally registered. For example US, CN.
Key Type : typically RSA
Key Length : “2048” bit
CSRs are generated in Base-64 encoded PEM format. This format usually contains “-----BEGIN CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----" lines at the beginning and end of the CSR. Text editor application can view the CSR. Here is the sample.
-----BEGIN NEW CERTIFICATE REQUEST-----
-----END NEW CERTIFICATE REQUEST-----