Have a question or solution? Post it at the SSL.com IT Security Q&A community site. All visitors welcome and it's FREE!

SSL Installation Support

Knowledge base and troubleshooting guides for ssl installation issues

How To Create A CSR In IIS 7
Posted by Leonard Grove on 19 August 2011 09:08 PM

Follow the below instructions to generate a CSR for your website. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate-request page.

To Generate and Submit the Certificate Signing Request (CSR):

  1. Click the Start menu and select Administrative Tools.
  2. Start Internet Services Manager and click the Server Name.
  3. In the center section, double click on the Server Certificates button in the Security section.
  4. From the Actions menu click Create Certificate Request. This will open the Request Certificate wizard.
  5. Enter your Distinguished Name field information. The following characters cannot be used:
    < > ~ ! @ # $ % ^ * / \ ( ) ?. 
    This includes commas.

    Distinguished Name Fields:

    • Organization: The name under which your business is legally registered. The listed organization must be the legal registrant of the domain name in the certificate request. If you are enrolling as an individual, please enter the certificate requestor's name in the "Organization" field, and the DBA (doing business as) name in the "Organizational Unit" field.
    • Organizational Unit: Use this field to differentiate between divisions within an organization. For example, "Engineering" or "Human Resources." If applicable, you may enter the DBA (doing business as) name in this field.
    • Common Name: The Common Name is the fully-qualified domain name - or URL - for which you plan to use your certificate, e.g., the area of your site you wish customers to connect to using SSL. For example, an SSL certificate issued for "www.yourcompanyname.com" will not be valid for "secure.yourcompanyname.com." If the Web address to be used for SSL is "secure.yourcompanyname.com," ensure that the common name submitted in the CSR is "secure.yourcompanyname.com."

      If you are requesting a Wildcard certificate, please add an asterisk (*) on the left side of the Common Name (e.g., "*.domainnamegoes.com" or "www*.domainnamegoeshere.com"). This will secure all subdomains of the Common Name.
    • Country: The two-letter International Organization for Standardization- (ISO-) format country code for the country in which your organization is legally registered.
    • State/Province: Name of state or province where your organization is located. Please enter the full name. Do not abbreviate.
    • City/Locality: Name of the city in which your organization is registered/located. Please spell out the name of the city. Do not abbreviate.
  6. Click Next.
  7. In the Cryptographic Service Provider Properties window, select Microsoft RSA SChannel Cryptographic Provider; then select the bit length (2048 is the minimum). Click Next.
  8. Enter a path and file name for the CSR and click Finish.
  9. Open the generated CSR file; then, using a plain-text editor, such as Windows Notepad, copy and paste the CSR into our online enrollment form.
(11 votes)
This article was helpful
This article was not helpful

Comments (0)
Post a new comment 
Full Name:
CAPTCHA Verification 
Please enter the text you see in the image into the textbox below. This is required to prevent automated registrations and form submissions.