What are Certificate Signing Requests (CSRs)?

Owned by Kelly Evans (Unlicensed)
Last updated: Oct 23, 2022 by Rob Whyte (Unlicensed)

A Certificate Signing request is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate, such as the organization name, common name (domain name), locality, and country. It also contains the public key that will be included in the certificate. A private key is usually created at the same time that you create the CSR, making a key pair.

To support the transport layer security (TLS) protocol, the Peeredge Switch needs to be configured with a valid certificate signed by a Certificate Authority trusted by the customer’s SIP device (PBX, SBC, etc.).

When the Peeredge Switch is deployed in a 46 Labs data center the certificate is typically signed by the Let’s Encrypt Certificate Authority. This certificate and its renewal are managed by 46 Labs.

If the Peeredge Switch is outside the 46 Labs data centers or the customer wants to use a certificate signed by a different Certificate Authority, then the customer can request a Certificate Signing Request from 46 Labs for each Peeredge Switch.

The customer must provide the following information to 46 Labs to create the CSR for each Peeredge Switch:

  • Common Name (e.g. server FQDN)

  • Subject Alternate Name (e.g. server FQDN)

  • Country Name (2-letter code)

  • State or Province Name

  • Locality Name (e.g. city)

  • Organization Name (e.g. company)

  • Organizational Unit Name (e.g. Business Unit) 

  • Email address (Optional) 

An alternative method to requesting a CSR for each Peeredge Switch is for the customer to provide 46 Labs a the certificate and the certificate’s associated private key for each switch. The certificate and private key should be sent via different communications methods (e.g. different encrypted emails).