1. On the Signing & Decryption Keys & Certificates window, select Certificate Signing for the certificate.
    Note:

    This selection is inactive if you have not yet saved a newly created or imported certificate. Click Save and then return to this window to initiate the process.

    The selection is also inactive if a previously signed certificate is revoked. Because the revocation could indicate that the private key is compromised, the best practice is to import or create a replacement certificate for certificate signing.

  2. On the Certificate Signing tab, select the Generate CSR option.
  3. On the Generate CSR tab, click Export to save the CSR file, and then click Done.
    Note:

    Once saved, you can submit this CSR file to a certificate authority for a CA-signed certificate.