A Certificate Signing Request (CSR) is needed in case you would like to obtain an SSL certificate that will encode all of the payment and login info which are exchanged between your site and its customers. The CSR contains info about the website and its owner in Base64-encoded form - web address, physical address and e-mail, company name and unit, etcetera. Based on this code, a registered SSL vendor gives you the certificate, that is digitally signed with the vendor's private key in order to show that they're a reliable issuer. At the time of the CSR generation, a unique private key is also created and the set up of the SSL involves all of the four codes - both the keys, the certificate and the CSR. After that, you'll be able to use a URL that starts with https:// for your site rather than http:// and your site visitors can view the info that you have provided for the CSR via their web browsers.