Mac OS Keychain Access

Generating a Certificate Signing Request in Keychain

Under Keychain Access menu, find Certificate Assistant menu, highlight with your cursor, and then click Request a Certificate from a Certificate Authority.

Enter the common name and email address in the Certificate Assistant window. For SSL certificates, the Common Name must be the domain name for your website. Only enter one domain name, even if you are generating a multi-domain SSL certificate. 

Do not input CA Email Address, instead select Saved to Disk to designate a location on your Mac for the CSR text file to be saved. 

Select the preferred key size – the industry standard for SSL certificates is 2048 bits. Then, click Continue.

Locate the CSR file that was saved and right-click to open with TextEdit. You will copy and paste all the text from this file including —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—– into the CSR field on your order generation form on your account.


There is no further action needed in Certificate Assistant from this point, so if there are further options, you can simply exist the Assistant window.

After completing the Generation step, the Validation process will begin. Check out our SSL Validation guides for more information on what is required to complete validation for your SSL certificate.

Where Is the Private Key?

To locate the private key in Keychain, search the CSR common name in All Items in the Login keychain. There should be a public key (the CSR) and a private key matching the common name you entered when generating the CSR.

Make sure to never share or delete this private key, as you will need this file when you are ready to install the SSL certificate on your web server.

Updated on

Was this article helpful?

Related Articles