Skip navigation
Knowledge Base    SSL    SSL General: Troubleshooting CSR (Certificate Signing Request) for SSL certificates

Troubleshooting CSR (Certificate Signing Request) for SSL certificates

Last Updated: Jan 20, 2022

While setting up or re-issuing a SSL certificate, a Certificate Signing Request (CSR) must be generated by the host to pass information between the Certificate Authority and web host. Here are tips for generating a valid CSR:

  • The domain has to exactly match the SSL certificate. If you purchased a wildcard, it would look like this: * . If the SSL just covers the main domain it would look like this: If the SSL covers a subdomain it would look like this:
  • A key of 2048 works best for Encryption Everywhere SSLs and most other SSLs provides. 
  • Be sure the contact information is valid and complete. 
  • Use a CSR checker like this one to make sure you meet the requirements of a valid CSR: 
  • SSLs can only be renewed a month before they expire, and they cannot be renewed if they have not been set up. 
  • You can only use one SSL on a domain or subdomain at a time.

If these suggestions is not solving your issue, please see the articles below or fill out our SSL Support form

Also, see: 

Can't find what you're looking for? Contact our support team now
Open a Support Ticket
Submit a request

Anytime 24/7

Live Chat

Live agent:  12am - 5pm MST every day
Live virtual bot:  5pm - 12am MST every day
Mountain Time, Denver, USA