I provide an application hosting service, and most of my clients require SSL. In most cases I generate the CSR on the server (which I host), I send the CSR to the customer and they get a certificate issued by a CA, and everything works nicely. For testing, I generate a self-signed certificate, and...