The key here (no pun intended) is that the private key is generated when you create the CSR, and therefore the only host that has the private key that corresponds to that CSR right now is the web server on which you created the CSR.
The following instructions will guide you through the CSR generation process on Microsoft IIS 5 & 6. To learn more about CSRs and the importance of your private key, reference our Overview of Certificate Signing Request article. If you already generated the CSR and received your trusted SSL certificate, reference our SSL Installation Instructions and disregard the steps below.
- Open IIS Manager. In the left-hand Connections pane, click the server for which you want to generate a CSR. In the center server Home pane under the IIS section, double-click Server Certificates. In the right-hand Actions pane, click Create Certificate Request.
- Nov 02, 2013 In this tutorial you will learn: How to Generate or Create (CSR) Certificate Signing Request in IIS 8 on windows server 2012. What is Certificate Signing req.
1. Open Internet Information Services (IIS) Manager
Click Start, Control Panel, Administrative Tools, and then select Internet Information Services (IIS) Manager.
2. Navigate to Website Properties
In the left menu, click + next to your local computer and then Web Sites.
Right-click the website (i.e. Default Web Site) that you want to protect and click Properties.
3. In Directory Security, select Server Certificates
In the Default Web Site Properties window, select the Directory Security tab, click Server Certificate…, and then Next.
4. Select Create a New Certificate
Then click Next.
Note: For renewing an existing SSL Certificate, select “Renew, Remove, or Replace your certificate” and skip to Step 7.
5. Select Prepare request now, but send it later
Then click Next.
6. Enter a Friendly Name
Enter a friendlyname for your certificate, select a Bit Length of 2048, and click Next, without checking the boxes.
Note: Please name the certificate something you can easily recognize in the future. This will only be an internal reference name and will not be part of your SSL certificate.
7. Follow the wizard to enter in your organization and website information
Enter your legally incorporated Organization Name and Organizational Unit such as “IT Security” and click Next.
Enter your Common Name which will be the FQDN (fully qualified domain name) on your SSL certificate.
Note: For Wildcard Certificates, you must add the asterisk symbol in the left furthest sub-domain (i.e. *.domainname.com) which is what enables an unlimited number of coverage at that specific level.
Select the Geographic Location for your company and click Next.
8. Save the CSR
Click Browse to specify the location where you want to save the CSR as a “.txt” file and click Next.
9. Finish
Review the Request File Summary and if changes are required, click Finish.
10. Generate the Order
Locate and open the newly created CSR from the specified location you choose in a text editor such as Notepad and copy all the text including:
Return to the Generation Form on our website and paste the entire CSR into the blank text box and continue with completing the generation process.
Upon generating your CSR, your order will enter the validation process with the issuing Certificate Authority (CA) and require the certificate requester to complete some form of validation depending on the certificate purchased. For information regarding the different levels of the validation process and how to satisfy the industry requirements, reference our validation articles.
After you complete the validation process and receive the trusted SSL Certificate from the issuing Certificate Authority (CA), proceed with the next step using our SSL Installation Instructions for Microsoft IIS 5 & 6.
Was this article helpful?
Related Articles
The following instructions will guide you through the CSR generation process on Microsoft IIS 7. To learn more about CSRs and the importance of your private key, reference our Overview of Certificate Signing Request article. If you already generated the CSR and received your trusted SSL certificate, reference our SSL Installation Instructions and disregard the steps below.
1. Open Internet Information Services (IIS) Manager
Click Start, Control Panel, Administrative Tools, and then select Internet Information Services (IIS) Manager.
2. Select the server where you want to generate the certificate
In the left Connections menu, select the server name (host) where you want to generate the request.
3. Navigate to Server Certificates
In the center menu, click the Server Certificates icon under the Security section near the bottom.
4. Select Create a New Certificate
In the right Actions menu, click Create Certificate Request.
5. Enter your CSR details
In the Distinguished Name Properties window, enter in the required CSR details and then click Next.
Note: To avoid common mistakes when filling out your CSR details, reference our Overview of Certificate Signing Request article.
Generate Csr Iis 7
6. Select a cryptographic service provider and bit length
In the Cryptographic Service Provider Properties window, select Microsoft RSA SChannel Cryptographic Provider and Bit Length of 2048, then click Next.
Note: Bit Length: 2048 is the current industry standard. You may choose a larger key size, but only if you have a requirement to do so, as longer key lengths increase latency and may reduce compatibility.
7. Save the CSR
Click Browse to specify the location where you want to save the CSR as a “.txt” file and click Finish.
8. Generate the order
Locate and open the newly created CSR from the specified location you choose in a text editor such as Notepad and copy all the text including:
Return to the Generation Form on our website and paste the entire CSR into the blank text box and continue with completing the generation process.
Upon generating your CSR, your order will enter the validation process with the issuing Certificate Authority (CA) and require the certificate requester to complete some form of validation depending on the certificate purchased. For information regarding the different levels of the validation process and how to satisfy the industry requirements, reference our validation articles.
Generate Csr With Private Key Iis Download
After you complete the validation process and receive the trusted SSL Certificate from the issuing Certificate Authority (CA), proceed with the next step using our SSL Installation Instructions for Microsoft IIS 7.