Troubleshooting CSR (Certificate Signing Request) for SSL certificates
Last Updated: January 20, 2022
While setting up or re-issuing a SSL certificate, a Certificate Signing Request (CSR) must be generated by the host to pass information between the Certificate Authority and web host. Here are tips for generating a valid CSR:
- The domain has to exactly match the SSL certificate. If you purchased a wildcard, it would look like this: *.domain.com . If the SSL just covers the main domain it would look like this: www.domain.com If the SSL covers a subdomain it would look like this: subdomain.domain.com
- A key of 2048 works best for Encryption Everywhere SSLs and most other SSLs Name.com provides.
- Be sure the contact information is valid and complete.
- Use a CSR checker like this one to make sure you meet the requirements of a valid CSR: https://www.digicert.com/ssltools/view-csr/
- SSLs can only be renewed a month before they expire, and they cannot be renewed if they have not been set up.
- You can only use one SSL on a domain or subdomain at a time.
If these suggestions is not solving your issue, please see the articles below or fill out our SSL Support form