Why your CSR is important
At this point you may be wondering why you need a CSR before you can apply for a certificate.
A CSR - certificate signing request - contains half the information which your server will need to set up a secure connection. It contains your server's public key; the certificate itself, once issued, will include that key and a signature from Thawte which confirms that the certificate was validly requested and issued, and (if you requested a fully-authenticated certificate) that the key belongs to your organisation. The CSR needs to be generated on the server that you want to secure - while it's technically possible to generate it on a different server and move it across afterwards, this makes it much more likely that you'll run into problems and we do not recommend it.
The other half of the information your server will need, the private key, remains on your server - we never see it. (This is why we ask you to make sure that you have backed up your private key, as we can't help you if you lose it.)
Last updated: March 24th 2008
© Copyright Herald Information Systems, 1999 - 2008.