---
title: Generating certificate signing requests
description: To generate a CSR:
component: pingaccess
version: 9.0
page_id: pingaccess:pingaccess_user_interface_reference_guide:pa_generating_certificate_signing_requests
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/pingaccess_user_interface_reference_guide/pa_generating_certificate_signing_requests.html
revdate: September 22, 2023
section_ids:
  about-this-task: About this task
  steps: Steps
  result: Result:
  next-steps: Next steps
---

# Generating certificate signing requests

## About this task

To generate a CSR:

## Steps

1. Click **Security**, then go to **Key Pairs > Key Pairs**.

2. Click the **Pencil** icon, then click **Generate CSR** for the certificate that you want to generate a CSR for.

   ### Result:

   PingAccess generates a CSR file, and your browser downloads it.

3. Provide this file to a certificate authority (CA) *(tooltip: \<div class="paragraph">
   \<p>An entity that issues digital certificates.\</p>
   \</div>)*.

   The CA signs the file and provides a CSR response that you can upload and use to replace the self-signed certificate. If the CA is well known, its certificates are installed by default in most browsers and the user is not prompted to trust an unknown certificate.

## Next steps

When you receive the CSR response, follow the instructions in [Importing certificate signing request responses](pa_importing_certificate_signing_request_responses.html).