How to Put the Domain Correctly in Your CSR
The most important field in your Certificate Signing Request (CSR) is the Common Name (CN). This is the exact address you want to secure with your SSL certificate. If this doesn't match your website's URL perfectly, visitors will see a "Your connection is not private" warning.
At Nixzoehost, we recommend following these rules to ensure your certificate works the first time.
1. Standard Single-Domain SSL
If you have a standard SSL (like PositiveSSL), you should typically use the fully qualified domain name (FQDN).
-
Format:
www.yourdomain.comoryourdomain.com -
The "WWW" Rule: In 2026, most modern Certificate Authorities (including Sectigo) will automatically secure both the
wwwandnon-wwwversions of your site if you secure thewwwversion.-
Recommended: Enter
www.yourdomain.com.
-
2. Wildcard SSL Certificates
If you purchased a Wildcard SSL to secure a main domain and all its subdomains (like blog.site.com, shop.site.com, etc.), you must use an asterisk.
-
Format:
*.yourdomain.com -
Important: An asterisk only covers one level of subdomains. It will secure
sub.domain.combut notextra.sub.domain.com.
3. Multi-Domain (SAN) SSL
Multi-Domain certificates allow you to secure several different domains (e.g., site-a.com, site-b.net, site-c.org) under one certificate.
-
Format: When generating the CSR, put the primary domain in the Common Name field.
-
The Others: You will add the additional domains later during the "Activation" step in your Nixzoehost Client Area, not inside the CSR code itself.
How to Put the Domain Correctly in Your CSR
The most important field in your Certificate Signing Request (CSR) is the Common Name (CN). This is the exact address you want to secure with your SSL certificate. If this doesn't match your website's URL perfectly, visitors will see a "Your connection is not private" warning.
At Nixzoehost, we recommend following these rules to ensure your certificate works the first time.
1. Standard Single-Domain SSL
If you have a standard SSL (like PositiveSSL), you should typically use the fully qualified domain name (FQDN).
-
Format:
www.yourdomain.comoryourdomain.com -
The "WWW" Rule: In 2026, most modern Certificate Authorities (including Sectigo) will automatically secure both the
wwwandnon-wwwversions of your site if you secure thewwwversion.-
Recommended: Enter
www.yourdomain.com.
-
2. Wildcard SSL Certificates
If you purchased a Wildcard SSL to secure a main domain and all its subdomains (like blog.site.com, shop.site.com, etc.), you must use an asterisk.
-
Format:
*.yourdomain.com -
Important: An asterisk only covers one level of subdomains. It will secure
sub.domain.combut notextra.sub.domain.com.
3. Multi-Domain (SAN) SSL
Multi-Domain certificates allow you to secure several different domains (e.g., site-a.com, site-b.net, site-c.org) under one certificate.
-
Format: When generating the CSR, put the primary domain in the Common Name field.
-
The Others: You will add the additional domains later during the "Activation" step in your Nixzoehost Client Area, not inside the CSR code itself.
Common Mistakes to Avoid
What NOT to do Why it's wrong https://yourdomain.comDo not include https://orhttp://.yourdomain.com/shopDo not include paths or subfolders. 192.168.1.1Most certificates cannot secure IP addresses. Your Domain NameThis field must be a web address, not your company name. Special Case: Subdomains
If you only want to secure a specific subdomain and not the main domain, enter that specific subdomain.
-
Example: If your store is at
shop.nixzoehost.com, entershop.nixzoehost.com.
-