How to put domain correctly in CSR? Print

  • 0

How to Put the Domain Correctly in Your CSR

The most important field in your Certificate Signing Request (CSR) is the Common Name (CN). This is the exact address you want to secure with your SSL certificate. If this doesn't match your website's URL perfectly, visitors will see a "Your connection is not private" warning.

At Nixzoehost, we recommend following these rules to ensure your certificate works the first time.


1. Standard Single-Domain SSL

If you have a standard SSL (like PositiveSSL), you should typically use the fully qualified domain name (FQDN).

  • Format: www.yourdomain.com or yourdomain.com

  • The "WWW" Rule: In 2026, most modern Certificate Authorities (including Sectigo) will automatically secure both the www and non-www versions of your site if you secure the www version.

    • Recommended: Enter www.yourdomain.com.

2. Wildcard SSL Certificates

If you purchased a Wildcard SSL to secure a main domain and all its subdomains (like blog.site.com, shop.site.com, etc.), you must use an asterisk.

  • Format: *.yourdomain.com

  • Important: An asterisk only covers one level of subdomains. It will secure sub.domain.com but not extra.sub.domain.com.

3. Multi-Domain (SAN) SSL

Multi-Domain certificates allow you to secure several different domains (e.g., site-a.com, site-b.net, site-c.org) under one certificate.

  • Format: When generating the CSR, put the primary domain in the Common Name field.

  • The Others: You will add the additional domains later during the "Activation" step in your Nixzoehost Client Area, not inside the CSR code itself.

How to Put the Domain Correctly in Your CSR

The most important field in your Certificate Signing Request (CSR) is the Common Name (CN). This is the exact address you want to secure with your SSL certificate. If this doesn't match your website's URL perfectly, visitors will see a "Your connection is not private" warning.

At Nixzoehost, we recommend following these rules to ensure your certificate works the first time.


1. Standard Single-Domain SSL

If you have a standard SSL (like PositiveSSL), you should typically use the fully qualified domain name (FQDN).

  • Format: www.yourdomain.com or yourdomain.com

  • The "WWW" Rule: In 2026, most modern Certificate Authorities (including Sectigo) will automatically secure both the www and non-www versions of your site if you secure the www version.

    • Recommended: Enter www.yourdomain.com.

2. Wildcard SSL Certificates

If you purchased a Wildcard SSL to secure a main domain and all its subdomains (like blog.site.com, shop.site.com, etc.), you must use an asterisk.

  • Format: *.yourdomain.com

  • Important: An asterisk only covers one level of subdomains. It will secure sub.domain.com but not extra.sub.domain.com.

3. Multi-Domain (SAN) SSL

Multi-Domain certificates allow you to secure several different domains (e.g., site-a.com, site-b.net, site-c.org) under one certificate.

  • Format: When generating the CSR, put the primary domain in the Common Name field.

  • The Others: You will add the additional domains later during the "Activation" step in your Nixzoehost Client Area, not inside the CSR code itself.

    Common Mistakes to Avoid

    What NOT to do Why it's wrong
    https://yourdomain.com Do not include https:// or http://.
    yourdomain.com/shop Do not include paths or subfolders.
    192.168.1.1 Most certificates cannot secure IP addresses.
    Your Domain Name This field must be a web address, not your company name.

    Special Case: Subdomains

    If you only want to secure a specific subdomain and not the main domain, enter that specific subdomain.

    • Example: If your store is at shop.nixzoehost.com, enter shop.nixzoehost.com.


Was this answer helpful?

« Back