Certificate Signing Request, or CSR for short, are the official documents that allow you to request a cryptographic key for your website. This is what your clients will use to sign their SSL certificates.
There are two types of CSRs: self-signed and third-party signed. Self-signed CSRs are created by the website owner themselves, while third-party signed CSRs are requests made by an authorized party on behalf of the owner. For both types of CSR, you’ll need to upload a public key, a private key and a certificate authority (CA) that issued the public key.
The CA will sign all three documents with the private key and the public key it issued. The CA must be trusted by your client and will also verify the validity of your identity as the site owner. Once your client has received and verified your self-signed CSRs, it will then be able to request a signed certificate from a CA that it trusts. And voila! Your client can now secure their site through SSL encryption.