How to Generate a CSR for Microsoft IIS 7

How to Generate a CSR for Microsoft IIS 7

1. Open Internet Information Services (IIS) Manager

Click StartControl PanelAdministrative Tools, and then select Internet Information Services (IIS) Manager.

2. Select the Server Where You Want to Generate the Certificate 

In the left Connections menu, select the server name (host) where you want to generate the request.

3. Navigate to Server Certificates

In the center menu, click the Server Certificates icon under the Security section near the bottom.

4. Select Create a New Certificate 

In the right Actions menu, click Create Certificate Request.

5. Enter Your CSR Details

In the Distinguished Name Properties window, enter in the required CSR details and then click Next.

To avoid common mistakes when filling out your CSR details, reference our Overview of Certificate Signing Request knowledge base article.

6. Select a Cryptographic Service Provider and Bit Length

In the Cryptographic Service Provider Properties window, select Microsoft RSA SChannel Cryptographic Provider and Bit Length of 2048, then click Next.

Bit Length: 2048 is the current industry standard. You may choose a larger key size, but only if you have a requirement to do so, as longer key lengths increase latency and may reduce compatibility.

7. Save the CSR

Click Browse to specify the location where you want to save the CSR as a “.txt” file and click Finish.

8. Upload the CSR 

Locate and open the newly created CSR from the specified location you choose in a text editor such as Notepad and copy all the text including:

-----BEGIN CERTIFICATE REQUEST-----
And
-----END CERTIFICATE REQUEST-----

After you have received your CSR, return to your 101domain account and upload your CSR or paste in your CSR code.