While the easiest option for requesting your email certificate is to do it all in the web browser, you may also generate a certificate signing request (CSR). A CSR can be created on a web server, with OpenSSL commands, or with an online CSR generation tool.
CSR Information
Your CSR for S/MIME or Personal Authentication Certificates should contain the following details:
- Common name: the user’s email address, e.g. yourname@email.com
- Organization: the user’s organization, or N/A if there is not one
- Locality: your city
- State: your state or district, fully spelled out
- Country: your country
The standard key-size for email signing CSRs is 2048 bits.
The CSR will have a matching private key that is required to use the certificate. If you use an online CSR generation tool, please make sure to save the private key in a familiar place before you exit the tool page. If the private key is not saved, or gets lost, you will not be able to use the certificate.
Helpful Tips
It is optional to submit a CSR for email certificates. We actually recommend that you do not submit a CSR when enrolling your order, as the browser generation method is much easier. If you do not provide a CSR during enrollment, you will be able to easily download the certificate, ready to install, from any browser as soon as it is issued.