> ## Documentation Index
> Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Download node CSRs from Prism Element

> Generate and download the per-CVM-node Certificate Signing Requests (CSRs) from Nutanix Prism Element for signing on the CryptoHub.

*Nutanix generates a unique keypair and Certificate Signing Request (CSR) for each Controller VM (CVM) node in the cluster. Download these CSRs from Prism Element and prepare them for signing on the CryptoHub.*

<Steps>
  <Step>
    Log in to Prism Element and click the **gear icon** (⚙) in the top-right corner to open the Settings panel.
  </Step>

  <Step>
    In the left pane under the Security section, select **Data-at-rest Encryption**.
  </Step>

  <Step>
    Click **Edit Configuration** (or **Continue Configuration** if you have previously started setup).
  </Step>

  <Step>
    Under **Key Management Server Type**, select **An external KMS**.
  </Step>

  <Step>
    Scroll down to the **Certificate Signing Request Information** section. Complete all required fields:

    * **Organization**
    * **Organizational Unit**
    * **Country** (two-letter ISO code)
    * **State**
    * **City**
    * **Email**

    Click **Save CSR Info**.
  </Step>

  <Step>
    Click **Download CSRs**. In the dialog that appears, click **Download CSRs for all nodes**.

    Prism Element downloads a `csrs.zip` archive containing one CSR file per CVM node. The files use a `.txt` extension by default.
  </Step>

  <Step>
    Extract the `csrs.zip` archive on your workstation.

    You can rename each file from `.txt` to `.csr`, but it is not required. The file contents are standard PEM-encoded CSRs regardless of extension.
  </Step>
</Steps>

<Note>
  The number of CSR files in the archive equals the number of CVM nodes in the cluster. A three-node cluster produces three CSR files; a larger cluster produces more. Each CSR must be signed individually on the CryptoHub.
</Note>
