Do I need a new CSR for a certificate renewal?

The short answer is that while yes you can reuse the CSR, it doesn't mean you should.

It's worth considering that encryption methods can improve over time (e.g., generating RSA keys @ 2048 or 4096 vs 1024 awhile back, sha256 vs. sha512, etc) so it's probably best to just generate a new one considering how trivial it is and increasing the private key strength if it's outdated.


Technically no, if you're keeping the same private key. Most CAs use the CSR purely as a mechanism to provide the public key for the certificate. Especially for Domain Validated (DV) certificates, everything else in the CSR is thrown away. The public key value is hopefully verified against the signature on the CSR before being copied into a certificate structure for signing by the CA.