Application Delivery Management

Create a Certificate Signing Request (CSR)

A Certificate Signing Request (CSR) is a block of encrypted text that is generated on the server on which the certificate will be used. It contains information that will be included in the certificate such as the name of your organization, common name (domain name), locality, and country.

To create a CSR using NetScaler Console:

  1. In NetScaler Console, navigate to Infrastructure > SSL Dashboard.

  2. Click any of the graphs to see the list of installed SSL certificates, and then select the certificate for which you want to create a CSR and select Create CSR from the Select Action list.

  3. On the Create Certificate Signing Request (CSR) page, specify a name for the CSR.

  4. Do one of the following:

    • Upload a key - Select the I have a Key option. To upload your key file, select either Local (your local machine) or Appliance (the key file must be present on the NetScaler Console virtual instance).

    • Create a key - Select the I do not have a Key option, and then specify the following parameters:

    Encryption Algorithm Type of key. For example, RSA.
    Key File Name Name for your file in which the RSA key is stored.
    Key Size Key size in bits.
    Public Exponent Value Choose either 3 or F4 from the drop-down list provided. This value is part of the cipher algorithm that is required to create your RSA key.
    Key Format Be default PEM is selected. PEM is the recommended key format for your SSL certificate.
    PEM Encoding Algorithm In the drop-down list, select the algorithm (DES or DES3) that you want to use to encrypt the generated RSA key. If you select this algorithm, you’ll need to provide a PEM Passphrase.
    PEM Passphrase If you’ve chosen the PEM Encoding Algorithm, enter a passphrase.
    Confirm PEM Passphrase Confirm your PEM passphrase.
  5. Click Continue.

  6. On the following page, provide more details.

    Most fields have default values extracted from the subject of the selected certificate. The subject contains details such as the common name, organization name, state, and country.

    In the Subject Alternative Name field, you can specify multiple values, such as domain names and IP addresses with a single certificate. The Subject Alternative names help you secure multiple domains with a single certificate.

    Specify the domain names and IP addresses in the following format:

    DNS:<Domain name>, IP:<IP address>

    Create Signing Request in Console

    In this example, it secures and

    Review the fields and click Continue.


Most CAs accept certificate submissions by email. The CA returns a valid certificate to the email address from which you submit the CSR.

Create a Certificate Signing Request (CSR)

In this article