There are many reasons why a CSR may be invalid.  When you create the CSR make sure:

  • Your domain is hosted. This should not be intranet site. (The domain must point to the hosting account.)
  • The domain is  registered
  • Check the common name field. You may have specified an IP address (e.g. or a server name (e.g. mywebserver) instead of a Fully Qualified Domain Name such as or domain name such as You must specify a Fully Qualified Domain Name or domain name.
  • You do not use any special characters when filling in the information required for CSR generation. Special characters are [! @ # $ % ^ ( ) ~ ? > < & / \ , . " ' _]
  • Click on the drop-down arrow beside Country to choose from the list on the drop down.
  •  Make sure you have included the header and footer of the CSR into the enrollment form. The header and footer will look like:

encoded data

Make sure that there are 5 dashes on each side of Begin and End certificate request. There should also be no trailing spaces in the CSR.

Was this answer helpful? 0 Users Found This Useful (3 Votes)