**Challenge password** is another layer of security used when creating a Certificate Signing Request (CSR). This is particularly useful when third-party entities are involved in the certificate creation process, as you hand over the CSR to them for processing. To ensure that third parties don’t tamper with your CSR, you can add a challenge password. This involves adding a checksum to the CSR, which must match the final generated certificate. ### See also 1. [[How to create CSR?]] 2. [[Certificate Signing Request]]