CSR – Microsoft IIS 7.x

Generating an IIS SSL Certificate Signing Request (CSR) using Microsoft IIS 7.x

Click Select Administrative Tools.

Start Internet Services Manager.

Click Server Name.

From the center menu, double-click the “Server Certificates” button in the “Security”


Select “Actions” menu (on the right), click on “Create Certificate Request.”


This will open the Request Certificate wizard


In the “Distinguished Name Properties” window, enter the information as follows:

The Common Name field should be the Fully Qualified Domain Name (FQDN) or the web address for which you plan to use your IIS SSL Certificate. You will need to insure that the common name submitted in the CSR is the correct domain name / FQDN that you intend to use the certificate for. For wildcard SSL certificates the common name should contain at least one asterisks (*)g. *.company.com,*.something.company.com,etc

Enter Organisation and Organisation Unit, these are your company name and department respectively.

Enter your City/locality, State/province/Län and Country.

Click NEXT

In the “Cryptographic Service Provider Properties”window, Leave Cryptographic Service provider Default (Microsoft RSA SChannel Cryptographic Provider) Change the Bit Length to (2048) then Click Next.


Enter a filename and location to save your CSR. You will need this CSR to enroll for your IIS SSL Certificate


Click Finish

Your new CSR is now contained within the file c:\certreq.txt

When you make your application, make sure you include the CSR in its entirety into the appropriate section of the enrollment form – including

Click Next

Confirm your details in the enrollment form


To save your private key:

Go to: Certificates snap in in the MMC

Select Requests

Select All tasks

Select Export

We recommend that you make a note of your password and backup your key as these are known only to you, so if you lose them we can’t help!

A USB Memory Stick or other removable media is recommended for your backup files.

Please note that this last step is not required but is recommended if you intend to make any changes to the site.


Comments are closed