The certificate is public however the vital is private . Yes a important pair has to be established to develop the csr. Have a look in this article. An SSL certificate issued by a CA to an organization and its area/website verifies that a trusted third party has authenticated that https://www.hostscheap.com/ssl-certificates