Must CSRs be generated on the server that will host the SSL certificate?

Solution 1:

No. It is not necessary to generate the CSR on the machine that you want to host the resulting certificate on. The CSR does need to be generated either from the existing private key that the certificate will eventually be paired with, or with a matching private key that is generated as part of the CSR creation process.

What's important is not so much the originating host as that the private key and the resulting public key are a matching pair.

Solution 2:

kce is dead right, it absolutely does not need to be done on the same machine, but it does need to be done from the relevant private key.

The only reason I'm posting a second answer is because no one has said why you might want to do such a thing. Nearly every key/CSR set that I generate is done from my laptop or desktop, then the key is securely copied onto the server where the certificate will be installed, and the CSR is sent off to the signing agency. The reason is entropy: SSL certificates are generally used to secure servers, and servers often have very shallow entropy pools, which either weakens keypairs they create or makes creation take a long time. Desktops, on the other hand, have a useful source of randomness connected via keyboard/mouse cables, and thus tend to have deep entropy pools. They therefore make much better platforms for operations that require high-quality random numbers, keypair generation being one such purpose.

So not only can the key/CSR be generated off-server, but I find there is frequently a good reason to do so.
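The workflow both answers describe, as an added example rather than code from either answerer: generate the private key and CSR on a workstation, confirm that the CSR really was built from that key (the "matching pair" point in Solution 1), and only then hand the CSR to the CA and the key to the server. It needs only the openssl CLI; the hostname, working directory and file names are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from either answer above): generate a private key and CSR on a
# workstation, then prove the CSR really was built from that key before the key goes
# to the server and the CSR goes to the CA. Needs only the openssl CLI.
# The hostname and working directory are assumptions for illustration.
set -eu

HOST="${HOST:-www.example.com}"
WORKDIR="${WORKDIR:-$(mktemp -d)}"

# Generate the private key under umask 077 so the file is never created world-readable.
gen_key() {   # gen_key <keyfile>
    ( umask 077; openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:3072 -out "$1" 2>/dev/null )
}

# Build a CSR from an existing key. The config supplies a subjectAltName, which CAs
# and browsers require; a CN on its own is no longer sufficient.
gen_csr() {   # gen_csr <keyfile> <csrfile> <hostname>
    cfg="$(mktemp)"
    cat >"$cfg" <<EOF
[req]
distinguished_name = dn
req_extensions = ext
prompt = no
[dn]
CN = $3
[ext]
subjectAltName = DNS:$3
EOF
    openssl req -new -key "$1" -out "$2" -config "$cfg"
    rm -f "$cfg"
}

# Is the public key embedded in the CSR the one derived from this private key?
# Both sides are normalised to PEM SubjectPublicKeyInfo, so this works for RSA and EC keys.
csr_matches_key() {   # csr_matches_key <keyfile> <csrfile>
    key_pub="$(openssl pkey -in "$1" -pubout 2>/dev/null)"
    csr_pub="$(openssl req -in "$2" -pubkey -noout 2>/dev/null)"
    [ -n "$key_pub" ] && [ "$key_pub" = "$csr_pub" ]
}

# Check the CSR's self-signature: proof that whoever produced it held the private key.
csr_selfsig_ok() {   # csr_selfsig_ok <csrfile>
    openssl req -in "$1" -verify -noout >/dev/null 2>&1
}

main() {
    key="$WORKDIR/$HOST.key"
    csr="$WORKDIR/$HOST.csr"
    gen_key "$key"
    gen_csr "$key" "$csr" "$HOST"
    csr_selfsig_ok "$csr"         || { echo "CSR self-signature check failed" >&2; exit 1; }
    csr_matches_key "$key" "$csr" || { echo "CSR was not built from $key" >&2; exit 1; }
    echo "key and CSR ready in $WORKDIR: send $csr to the CA, copy $key to the server over ssh"
}

main
```

Run it on the workstation, then move the key with `scp -p` (or any ssh-based copy) and keep it mode 0600 on the server; the CSR carries only the public key and a self-signature, so it can travel over any channel. The same two checks are worth repeating on the server after the signed certificate arrives, substituting `openssl x509 -in cert.pem -pubkey -noout` for the CSR side, so a certificate that does not match the installed key is caught before the service is restarted.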