SSL Creator
Generate CSRs (Certificate Signing Requests) and Self-Signed Certificates instantly
Generate a CSR (Certificate Signing Request) or self-signed SSL certificate in seconds. All key generation happens in your browser using the Web Crypto API — your private key never leaves your device.
CSR vs self-signed — which do you need?
CSR (Certificate Signing Request)
- •Submit to a Certificate Authority (Let's Encrypt, DigiCert, Sectigo)
- •CA issues a trusted certificate
- •Browsers show the padlock without warnings
- •Required for public production websites
Self-signed certificate
- •Generated entirely by you — no CA involved
- •Browsers show "Not Secure" warning
- •Only for local development and testing
- •Instant — no waiting on CA validation
Key size recommendations
- RSA 2048
- Standard — widely compatible, fast
- RSA 4096
- Stronger, slower — for long-term certs
- ECDSA P-256
- Modern, smaller keys, faster handshake
Frequently asked questions
What is a CSR?
A Certificate Signing Request — encoded text you submit to a Certificate Authority to get a trusted SSL certificate.
Is my private key safe?
Yes. Key generation happens in your browser via the Web Crypto API. The private key never leaves your device.
Can I use self-signed in production?
No — browsers show a warning. Self-signed is for local development only. Use Let's Encrypt (free) for production.
Which key size should I pick?
RSA 2048 for maximum compatibility. ECDSA P-256 for modern performance if your clients support it.