Let us understand the concept of CSR. A CSR or say Certificate Signing request is basically a block of encoded text which is provided to a Certificate Authority once requesting for an SSL Certificate. It is often built over the server where the concerned certificate can get installed and entails data which can be provided within the certificate like the name of organization, common name (or domain name), locality, and the country. It even entails the public key which can be provided in the certificate. A private key is basically built at the similar time which customers design the CSR, creating a key pair. A CSR is usually encoded in accordance to the requirement.
A certificate authority can utilize a CSR to build their SSL certificate, however it do not require the private key. Customers have to keep their private key confidentiality. The certificate designed with concerned CSR can just function with the private key which was created with it. Thus, if they lose their private key, the certificate is not going to work.
Customers have to build a CSR as well as the private key across the server which the certificate can be utilized on.