- Is it necessary that every CSR (different common names) use/generate a unique key or a single key can be used for multiple CSRs (i.e. different common names).
I dont see why it shouldn't work but its definitely not recommended and is not a good idea.
From Carlisle Adams' PKI book, recommending against putting the same key
in multiple certs:
"It is too easy to "slip up" and not hold all other important aspects of
these multiple certificates constant. [...] If a single public key is
contained in multiple certificates and the private key is compromised (or
other circumstances occur that require revocation), it must be "remembered"
(or discovered) which certificates contain this key so that they may all be
revoked. [...] Having the same public key in multiple certificates can
complicate the administrative processes involved in certificate management."
Syed Iftekhar Ahmed