What Is CSR and RSA? Understanding SSL Certificate Requirements on Bluehost

CSR and RSA are key components used when generating and installing an SSL certificate for your website. These elements work together to help secure data transmitted between your server and your visitors.

Understanding CSR and RSA is important when purchasing or installing a custom SSL certificate on your Bluehost hosting account.

• What Is a CSR (Certificate Signing Request)?
• What Is an RSA Key?
• How CSR and RSA Work Together
• When Do You Need CSR and RSA?
• How to Generate a CSR on Bluehost
• Important Security Considerations
• Summary

What Is a CSR (Certificate Signing Request)?

A CSR (Certificate Signing Request) is a block of encoded text generated on your server when requesting an SSL certificate.

It includes important details such as:

• Domain name
• Organization or business name
• Location (city, state, country)
• Public encryption key

The CSR is submitted to a Certificate Authority (CA), which uses the information to generate your SSL certificate.

Key Points About CSR

• Created on the server where the SSL will be installed
• Contains a public key, not the private key
• Must match the exact domain name
• Required when purchasing or installing a third-party SSL

What Is an RSA Key?

An RSA key refers to the private encryption key generated at the same time as your CSR.

This private key is used to:

• Decrypt secure data sent to your server
• Establish encrypted HTTPS connections
• Pair with your SSL certificate for authentication

Key Points About RSA

• Generated alongside the CSR
• Must be kept secure and private
• Required to install and use an SSL certificate
• Typically uses strong encryption (e.g., 2048-bit or higher)

How CSR and RSA Work Together

CSR and RSA are part of the same SSL generation process:

1. A private key (RSA) is generated on your server
2. A CSR is created using that private key
3. The CSR is submitted to a Certificate Authority
4. The SSL certificate is issued
5. The certificate is installed using the same private key

This ensures the SSL certificate is securely linked to your server.

When Do You Need CSR and RSA?

You will need CSR and RSA when:

• Purchasing a third-party SSL certificate
• Installing a custom SSL certificate
• Reissuing or renewing an SSL certificate
• Migrating SSL to a different server

For Bluehost users with free SSL, these steps are usually handled automatically. However, manual setup may require generating a CSR and managing your RSA key.

How to Generate a CSR on Bluehost

You can refer to the articles below on how to generate a CSR.

• How to Install a Third-Party SSL Certificate in cPanel
• How to Create Certificate Signing Request

Important Security Considerations

When working with CSR and RSA:

• Never share your private RSA key
• Store your private key securely
• Ensure your CSR details are accurate before submission
• Keep backups of your SSL-related files

If your private key is lost, the SSL certificate cannot be used and may need to be reissued.

Summary

CSR and RSA are essential for SSL certificate setup. The CSR contains your domain and public key information used to request an SSL certificate, while the RSA key is the private key used to secure encrypted connections. Understanding how these components work together ensures a smooth SSL installation process and helps keep your website secure on Bluehost hosting.