What is a "CSR" and how do I get one?
CSR is a Certificate Signing Request
Basic overview
This file contains pieces of information about your cert and your public key.
It is used by the CA or Certification Authority (here : CAcert Inc.) to sign your cert (and obviously the info included in the cert).
The CA do not need the private key you have generated. You keep your private key secret.
The CA uses this CSR file to grab the info, verifying the info from your account and then generate the real certificate that you ( and your services) will use during secure communications with clients (HTTPS,SSL,POP3/SSL, etc.) and servers.
(based on Bruno ideas on CAcert support mailing list)
Example of [http://www.spacereg.com/webcert_csr.html CSR ]
tools to generate CSRs
- Win32
[http://openvpn.se/mycert/ My Certificate Wizard] part of [http://www.openvpn.se/ OpenVPN GUI for Windows] wrapper for the [http://www.slproweb.com/products/Win32OpenSSL.html Win32 OpenSSL port]
- Linux/Unix/*nix
[http://www.openssl.org/ OpenSSL] [VhostsApache] [SimpleApacheCert]
- If you're using IIS have a look at:
http://www.cacert.org/help.php?id=3 http://isaserver.org/tutorials/2004wildcardcert.html (to be verified)
- if you're using openssl have a look at:
Analyse your CSR data block
see [http://www.freecerts.com/analyze_csr/content.html Analyse CSR]
More info
see [:SubmitCsr:here] and [http://wiki.cacert.org/wiki/WebServers?action=highlight&value=CSR there]
Official OpenSSL stuff
You can get some more info reading the official OpenSSL documentation.