---
title: Sign a certificate using a CSR
description: You can generate a Certificate Signing Request (CSR) using a signing certificate that you created. In the PingOne for Enterprise certificate management page, download the CSR for the relevant certificate, and then send it to your Certificate Authority (CA). The CA will send back a CSR response which you can upload to PingOne for Enterprise. Once it is uploaded, your certificate is updated to the version signed by the CA.
component: pingoneforenterprise
page_id: pingoneforenterprise:pingone_for_enterprise:p14e_sign_certificate_using_csr
canonical_url: https://docs.pingidentity.com/pingoneforenterprise/pingone_for_enterprise/p14e_sign_certificate_using_csr.html
revdate: March 30, 2023
section_ids:
  about-this-task: About this task
  steps: Steps
  result: Result:
  result-2: Result:
---

# Sign a certificate using a CSR

## About this task

You can generate a Certificate Signing Request (CSR) using a signing certificate that you created. In the PingOne for Enterprise certificate management page, download the CSR for the relevant certificate, and then send it to your Certificate Authority (CA). The CA will send back a CSR response which you can upload to PingOne for Enterprise. Once it is uploaded, your certificate is updated to the version signed by the CA.

## Steps

1. Click **Setup > Certificates**.

2. In the certificate list, expand the relevant entry and click **CSR**.

3. Click **Export** and navigate to the location at which you want to save the CSR response.

4. Upload the CSR to the relevant CA for signing.

   ### Result:

   The CA signs the certificate and sends you a CSR response.

5. Click **Import**, navigate to the CSR response and click **OK**.

   ### Result:

   The CSR response is imported and saved. When PingOne for Enterprise uses the certificate to sign SSO messages (SAML assertions) it uses the updated certificate signed by the CA.