Generating CSR to be sent to you CA

When requested by your CA, you must generate a CSR for your certificate request. There are various ways through which you can generate one.

Refer to the following link, which lists various options on how to generate a CSR: https://www.digicert.com/kb/csr-creation.htm

For convenience, here is the process for how to do it on Mac OS and what options to use. If you use another method, please note the options used below

For MacOS users:

• Open Keychain Access app (you can use cmd+space to search for the Keychain Access app or find it in the "Other" folder under your "Launchpad")

• On the menu --> Keychain Access --> Certificate Assistant --> Request a certificate from a certificate authority

• A wizard opens, follow the wizard to generate a CSR

• Make sure not to put personal information, but instead put company information. The common name should be your company name

• Choose saved to disk and check "let me specify key pair information"

• Provide a name and select where the CSR file must be stored (remember this location and file name)

• Key size must be a minimum of 2048 bits

• The algorithm must be RSA

• The CSR file is generated and saved at the chosen location. This file must be sent to your CA (or uploaded on their portal) The Private key is also stored in the keychain and can be exported from it.