Generating a CSR in Plesk for a Linux or Windows Server.

1. Log into Plesk

2. Click on 'Domains' under the 'Main Menu' section

3. Click on the domain you need to generate a CSR for

4. Click on the 'SSL Certificates' icon under the 'Additional Tools' section

5. Click on 'Add SSL Certificate'

6. Fill out the following required information:

1. Certificate name

2. Bits

3. Country

4. State or province

5. Location (City)

6. Organization name (company)

7. Organization department/division name

8. Domain name

9. E-mail

7. Click on 'Request'

8. You will now be redirected back to the main ssl screen and should see the new ssl certificate you just created listed under 'Certificate Name'

9. Click on the certificate name, which should be a blue link

10. Scroll down and you should see the CSR and Private Key would you can export via copy/paste

Generating a CSR outside of Plesk on a Linux Server:

1. Log into the server via SSH

2. You will have to create the private key first by running the following command:

1. openssl genrsa -des3 -out server.key 1024 (or you can input 2048 instead of 1024 which is recommended)

2. you then have to enter the private key passphrase twice

3. You now will create the CSR by running the following command:

1. openssl req -new -key server.key -out server.csr

2. then fill out the following information:

1. [enter your private key password]

2. [enter your two character country code]

3. [enter your full state or province name]

4. [enter your city name]

5. [enter your company name]

6. [enter your organizational unit or leave it blank]

7. [enter your common name or fqdn]

8. [enter your admin email address]

9. [leave the rest of the attributes blank]

1. cat server.csr

Generating a CSR outside of Plesk on a Windows 2003/IIS 6 Server:

1. Open the Internet Information Services (IIS) Manager. From the Start button select Programs > Administrative Tools > Internet Information Services Manager.

2. In IIS Manager, double-click the local computer, and then double-click the Web Sites folder.

3. Right-click the Web site for which you want to request a certificate, and then click Properties. By default it will be Default Web Site, yours may be different.

4. Select the Directory Security tab and click Server Certificate in the secure communications section.

5. Click Next in the Welcome to the Web Server Certificate Wizard window.

6. Select Create a new certificate, Click Next.

7. Select Prepare the request now, but send it later.

8. At the Name and Security Settings screen, fill in the friendly name field for the new certificate

9. Select bit length. We recommend using a 2048-bit length (2048 is required for EV SSL). Click Next.

10. Leave the 'Select cryptographic service provider (CSP) for this certificate' unchecked. Click Next.

11. You will be asked for several pieces of info which will be used by GeoTrust to create your new SSL certificate. These fields include the Common Name (aka domain, FQDN), organization, country, key bit length, etc. Use the CSR Legend in the right-hand column of this page to guide you when asked for this information. The following characters should not be used when typing in your CSR input: < > ~ ! @ # $ % ^ / \ ( ) ? , &

12. Enter your Organization (e.g., Gotham Books Inc) and Organizational Unit (e.g., Internet Sales). Click Next.

13. Enter your site's Common Name. The Common Name is the fully-qualified-domain name for your web site or mail server. Whatever your end-user will see in their browser's address bar is what you should put in here. Do not include http:// nor https://. Refer to the CSR legend in the right-hand column of this page for examples. If this is wrong, your certificate will not work properly. Click Next.

14. Enter your Geographical Information for Country, State, and City. Do not abbreviate States and Cities. Click Next.

15. In the Certificate Request File Name box enter the path and file name where you want to save your CSR. You can use the default of c:\certreq.txt. Remember where you save it; you'll need to be able to find this CSR file later. Click Next.

16. Review the data on the Request File Summary screen and click Next.

17. Click Finish to complete the Wizard.

18. Now, from a simple text editor such as Notepad (do not use Word), open the CSR file you just created at c:\certreq.txt (your path/filename may be different). You will need to copy-and-paste the contents of this file, including the top and bottom lines, into the relevant box during the online order process.

Generating a CSR outside of Plesk on a Windows 2008/IIS 7 Server:

1. Open the Internet Information Services (IIS) Manager. From the Start button select Programs > Administrative Tools > Internet Information Services Manager.

2. In the IIS Manager, select the server node on the top left under Connections

3. In the Features pane (the middle pane), double-click the Server Certificates option located under the IIS or Security heading (depending on your current group-by view).

4. From the Actions pane on the top right, select Create Certificate Request. The Distinguished Name Properties dialog box opens.

5. You will be asked for several pieces of info which will be used by GeoTrust to create your new SSL certificate. These fields include the Common Name (aka domain, FQDN), organization, country, key bit length, etc. Use the CSR Legend in the right-hand column of this page to guide you when asked for this information. The following characters should not be used when typing in your CSR input: < > ~ ! @ # $ % ^ / \ ( ) ? , &

6. Enter your site's Common Name. The Common Name is the fully-qualified-domain name for your web site or mail server. Whatever your end-user will see in their browser's address bar is what you should put in here. Do not include http:// nor https://. Refer to the CSR legend in the right-hand column of this page for examples. If this is wrong, your certificate will not work properly.

7. Enter your Organization (e.g., Gotham Books Inc) and Organizational Unit (e.g., Internet Sales). Click Next.

8. Enter the rest of the fields using the CSR Legend on the right right-hand column of this page for guidance and examples.

9. Click Next to continue.

10. The next screen of the wizard asks you to choose cryptography options. The default Microsoft RSA SChannel Cryptography Provider is fine and a key bit-length of 2048.

11. Click Next to continue.

12. Finally, specify a file name for the certificate request. It doesn't matter what you call it or where you save it as long as you know where to find it. You'll need it in the next step. We recommend calling it certreq.txt.

13. Click Finish to complete the certificate request (CSR) Wizard.

14. Now, from a simple text editor such as Notepad (do not use Word), open the CSR file you just created at c:\certreq.txt (your path/filename may be different). You will need to copy-and-paste the contents of this file, including the top and bottom lines, into the relevant box during the online order process.