This is because it is missing one or more required fields or the CSR contains non-alphanumeric characters in the required fields.
The private key is used on the server-side exchange for creating the secure connection. It should never be exposed to your SSL provider or outside users, unless specifically requested by your web host for installation. Please note if the private key is lost or deleted, you will have to make a new CSR and private key on your server. Your private key is not provided by the Certificate Authority (CA) or your SSL provider.
If this happens, your common name is not appropriately formatted for your type of certificate (wildcard certificates should use *.domain.com, for example) or you could also have disallowed characters in other fields. Please create a new CSR that only use the English alphabet and numbers 0-9. For example, if the “&” symbol is included in your Organization Name, please type out “and” instead.
Make sure you have the correct file copied and not your self-signed certificate, your previous SSL, or if it is bundled as a PKCS7 or PKCS12. Or, you could have a pass-phrase that does not have alpha-numeric characters or disallowed characters. If this is the case, you will need to generate a new CSR without the disallowed characters or in the proper form. Please only use the English alphabet and numbers 0-9. For example, if the “&” symbol is included in your Organization Name, please type out “and” instead.
It is impossible to edit any fields once the CSR has been created. You will simply need to generate a new CSR with the correct details?
Please consult official documentation for your server, operating system, or control panel. Most documentation can be found online through a simple Google search.
A CSR stands for Certificate Signing Request and is necessary for all SSL certificates in order to complete the generation process. A CSR is generated from your server.
The easiest way is to create a new CSR on the new machine and have the certificate re-issued.
First check your backups and see if you can re-install the “private key”. If you don’t know how to re-install the key from your backups, contact your systems administrator. Failing that, contact your web server software vendor for technical support. The only alternative course of action available is a re-issuance of the certificate following the re-submitting of a replacement CSR.
If you still have the order number they can use the automated password reminder system or if not then, an email must be sent from the administrative email address on the account to firstname.lastname@example.org. Concluding the original domain name it was purchased for, or the original order number.