Generating a CSR code on IIS7

Need a hand installing your SSL? We can do it for you.

CSR generation for the Internet Information Server v.7 (IIS7) should be done through Internet Services Manager using the steps below:

  • Click Start >> Administrative Tools.

  • Start Internet Information Services (IIS) Manager.

  • Click Server Name >> double-click on the Server Certificates in the IIS section, located in the center menu.

IIS7_Installation

  • Choose the Actions menu (on the right) >> click on Create Certificate Request.

02_CSR_IIS7
Note: When renewing your SSL certificate, also use the "Create Certificate Request" option. Selecting the renew option in the Server Certificates section generates a PKCS#7-formatted CSR, which many CSR decoders and CA applications do not recognize as valid. Consequently, such a CSR cannot be used for renewal.

  • The Request Certificate wizard will be opened. From here, you will need to enter the information required for the CSR code (details and example listed below):

1_CSR_IIS7.jpg

   Common Name: yourdomain.com

   Organization: MyCompany Ltd

   Organization Unit (eg, section): IT, Support, Sales etc.

   City/ Locality Name: Los Angeles   

   State or Province Name (full name): California

   Country Name (2 letter code): US

For Wildcard SSL certificates, the common name should be specified in the format:  *.yourdomain.tld.

  • Click Next once all fields are filled in completely.

  • In the Cryptographic Service Provider Properties window:

    • Leave Cryptographic Service provider default ("Microsoft RSA SChannel Cryptographic Provider").

    • Change the Bit Length to 2048.

In accordance with the Comodo (now Sectigo) Certificate Authority policy change, starting from December 20, 2010, SSL Certificates can be issued using CSR codes with 2048-bit and higher.

    • Click Next.

2_CSR_IIS7

  • Specify a filename and location to save your CSR code (e.g. c:\certreq.txt).

  • Click Finish.

4_CSR_IIS7

That's it!

Updated
Viewed
83848 times

Need help? We're always here for you.

notmyip