Search Engine: Elastic

Article ID: 123886, created on Dec 10, 2014, last review on Mar 7, 2016

  • Applies to:
  • Plesk Automation
  • Service provider products licensing


How to generate certificate signing request (CSR) for Plesk / Plesk Automation?


1) You can generate CSR from Plesk directly:

  • Open the corresponding subscription on the control panel;
  • Go to the Websites & Domains and select the website you want to protect with an SSL certificate;
  • Click Secure Your Sites;
  • Click Add SSL Certificate;
  • Specify the following certificate parameters:

    1. Certificate name. This will help you identify this certificate in the repository;
    2. Encryption level. Choose the encryption level of your SSL certificate. We recommend that you choose a value more than 1024 bit;
    3. Your location and organization name. The values you enter should not exceed the length of 64 symbols;
    4. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. Example:;
    5. The website administrator's email address.
  • Make sure that all the provided information is correct and accurate, as it will be used to generate your private key.
  • Click Request;
  • Plesk will generate your private key and certificate signing request and add them to your certificates repository (Websites & Domains > Secure Your Sites);
  • In the list of certificates, click the name of the certificate you need;
  • Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard;
  • Go to the SSL order and paste CSR from the clipboard into SSL purchase form and click Continue;
  • The certification authority will create an SSL certificate in accordance with the information you supplied.

2) CSR can also be created with an openssl utility:

  • Login to the server via SSH. Issue the following command:

    openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

where server is the name of your server.

  • This will begin the process of generating two files: the Private-Key file for the decryption of the SSL Certificate, and a certificate signing request (CSR) file used to apply for the SSL Certificate;

  • When prompted for the Common Name (domain name), enter the fully qualified domain name for the site that is to be secured. If generating an Nginx CSR for a Wildcard SSL Certificate, make sure the common name starts with an asterisk (e.g. *;

  • After that other information will be requested such as organizational information, beginning with geographic information. There may be default information set already;

  • Then .csr file will be created;

  • Save (back up) the generated .key file as it will be required later when installing the SSL certificate in the webserver.

e0aff7830fa22f92062ee4db78133079 caea8340e2d186a540518d08602aa065 0fb3394a2c69b44bea0b259a86272ad9 dbd9c930a53370cd4abd5c7ff1b5f55c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF