Generating a Certificate Signing Request or CSR TopicsCSR for Microsoft® IIS 5.x / 6.x
Generating an IIS SSL Certificate Signing Request (CSR) using Microsoft® IIS 5.x / 6.x
To generate your CSR, you will need to log in to your server and use the following instructions.
If you are generating a CSR to renew a certificate, or a CSR for a site that has an existing certificate, please see the notes at the end of this guide.
- Log in to the server. Go to 'Control Panel' > 'Administrative Tools' and double-click 'Internet Services Manager'.
- Right-click on the website you require the CSR for and choose 'Properties'. Select the 'Directory Security' tab.
- Click the 'Server Certificate' button. A wizard will start. Choose the option to 'Create a new certificate'. Click 'Next'.
- Click 'Prepare the request now, but send it later'. Click 'Next'.
- Enter your information. The 'Name' here refers to a 'Friendly Name' for the certificate, and is not your domain. The other options can be left at their defaults. Click 'Next'.
- Enter your Organization and Organizational unit information. Click 'Next'.
- Enter the fully qualified domain name of the website you require the certificate for. For wildcard certificates, enter in the format *.mydomain.com. Click 'Next'.
- Enter your location information. Click 'Next'.
- Choose a path and filename to save the CSR. Click 'Next'.
- Review the information. Click 'Next'.
- Your CSR is now generated. Open the 'certreq.txt' file with a text-editor and copy and paste the contents into the enrollment form when requested.
If you are generating CSR for a renewal of a certificate, Step 3 should have an option to renew the certificate and generate a new CSR. Select this and follow the wizard through to create a renewal CSR for the certificate.
The CSR generation process will create a 'Pending Request' on the website. DO NOT remove this pending request. It will be completed once you receive and install the certificate. Removing the Pending Request before you have installed your certificate will render the certificate useless, and you will need to repeat the whole CSR generation process again, and re-submit the CSR to us.