A CSR file contains the information needed to issue a SSL certificate, such as DNS name, company name, location and country. The CSR file is created directly on the server that will use the certificate by signing the information with the created private key. The private key has to be used in conjunction with the public certificate signed by the issuer for it to work properly, which is why the CSR should be created on the server that will use the certificate.
You should collect the following information for every CSR you are creating, please note that special characters can help the process of issuing the certificate. However, the requirements have been relieved and most issuers allows the Danish characters in Organisation (O), Organisational Unit (OU), Location (L) and State (S). The company name has to be an exact match of the public record e.g. CVR.dk
Never send the private key, we and the certificate issuer ONLY need the CSR file.
The following special characters is usually not allowed: > < ! @ # $ % ^ * ( ) ~ ? / \. &
|Common Name (CN)||The primary fully qualified domain name (FQDN) which will be protected by the SSL certificate. (e.g.: mail.fairssl.dk)|
|Subject Alternative Names (SAN)||Other server names will be protected by the SSL certificate. (e.g.: autodiscover.fairssl.dk)|
|Organisation (O)||The complete company name as it is recorded in public databases like CVR. (e.g.: NOTyours A/S) company name/city/state/country is ignored on a domain validated certificate, but should still be completed correctly.|
|Organizational Unit (OU)||The department or similarly descriptive part of the company. (e.g.: IT-department) can also just be the company name.|
|State (S)||State or region. In Denmark the Location is used. (e.g.: Ørum Djurs)|
|Country (C)||ISO standard two-letter country code. (e.g.: DK) Has to be capitalized|
|Location (L)||City name. (e.g.: Ørum Djurs)|
Beware that the issuers have raised the requirements for the number of bits in an SSL certificate, the minimum requirement is 2048 bits.