Home / Tutorials / How to Generate a CSR in IIS

How to Generate a CSR in IIS

In this tutorial, we will show you how to generate a CSR in IIS. Make sure you’re logged in as Administrator on the local computer or have the permissions to perform this task.

Choose your version of Microsoft IIS and follow the steps below exactly as outlined:

  1. How to generate a CSR code in Microsoft IIS 10?
  2. How to generate a CSR code in Microsoft IIS 8 & 8.5?
  3. How to generate a CSR code in Microsoft IIS 7?
  4. How to generate a CSR code in Microsoft IIS 5 & 6?

How to Generate a CSR in IIS 10?

  1. Press the Win+r hotkey and type inetmgr into the open field to launch the Internet Information Services (IIS) manager. You can also open it via the Windows Start menu, by typing “Internet Information Services (IIS) Manager”
  2. Next, click the server in the left Connections menu, and double-click the Server Certificates in the Home menu
  3. Now move your cursor to the right side of the window and, under the Actions, click Create Certificate Request
  4. A new window – Distinguished Name Properties – will pop up. Fill in all the fields (only alphanumerical characters are allowed) with relevant information as shown below:
    • Common Name: Enter the FQDN (fully qualified domain name). For a Wildcard Certificate, add an asterisk in front of the domain name; e.g. *.ssldragon.com
    • Organization: Enter the legal name of your organization (for BV and EV certificates). For DV certificates type NA
    • Organizational unit: Enter the department responsible for SSL Certificate installation. Usually, it’s IT or Web Security
    • City/locality: Add the city where your company is legally located. Repeat the same step for the State/province and Country/region fields
  5. Verify your information one more time and click Next
  6. The Cryptographic Service Provider Properties window will appear. Choose Microsoft RSA SChannel Cryptographic Provider for the first parameter, and set the bit length to 2048. Click Next
  7. In the final window, specify the file name and location for your SSL Certificate. Make sure it is in the .txt format and the save location already exists. The default directory for the CSR is for CSR is C:\Windows\System32. Hit the Finish button
  8. With help of a text editor such as Notepad, open the generated CSR file. Copy the entire text including the —–BEGIN NEW CERTIFICATE REQUEST—– and —–END NEW CERTIFICATE REQUEST—– tags, and paste it into your order form
  9. Once the Certificate Authority approves your request and signs the SSL Certificate, you can install it on the IIS server.

How to Generate a CSR in IIS 8 & 8.5?

  1. Press Win+r, then type inetmgr and click ok. Alternatively, open Internet Information Services (IIS) Manager from the Start menu
  2. In the Connections menu (left side) select the server and then, in the Home menu open the Server Certificates icon
  3. In the Actions menu (right side), click on Create Certificate Request
  4. A new window (Distinguished Name Properties) will open. Here, you need to submit the required information. Please use only alphanumeric characters and follow the examples below:
    • Common Name: Enter the FQDN (fully qualified domain name) you want to secure. For a Wildcard Certificate, add an asterisk in front of the domain name; e.g. *.ssldragon.com
    • Organization: Type your company’s officially registered name (for BV and EV certificates). If you have a DV certificate, type NA
    • Organizational unit: Enter your department’s name. Usually, it’s “IT” or Web, and NA for DV SSL
    • City/locality: Add the city where your company is legally located. Repeat the same step for the State/province and Country/region fields
  5. Double-check the information and click Next
  6. The Cryptographic Service Provider Properties window will open. Select Microsoft RSA SChannel Cryptographic Provider for the first box, and 2048 for the bit length. Click Next
  7. In the File Name window choose a file name and a save location (the default save location for the CSR is C:\Windows\System32.) for the CSR and press the Finish button
  8. Use a text editor such as Notepad to open the newly created CSR file. Copy the entire text including the —–BEGIN NEW CERTIFICATE REQUEST—– and —–END NEW CERTIFICATE REQUEST—– tags, and paste it into your order form
  9. Now, all you have to do is wait for the CA to validate your request. When you receive the certificate, you can continue with the installation.

How to Generate a CSR in IIS 7?

  1. Press Win+r, enter inetmgr in the “Open” box, and then click ok. Alternatively, open the Start menu, browse to the Administrative Tools, and select Internet Information Services (IIS) Manager
  2. On the left, you will see the server name. Click on it and then double-click the “Server Certificates” icon
  3. On the right side, inside Actions click the “Create Certificate Request” option to open the Request certificate wizard
  4. In the first window titled Distinguished Name Proprieties fill in the fields with relevant information:
    Note: Only alphanumerical characters are allowed for the CSR information. 

    • Common Name: Enter the FQDN (fully qualified domain name) you want to secure. For a Wildcard Certificate, add an asterisk in front of the domain name; e.g. *.ssldragon.com
    • Organization: Write your company’s officially registered name. This applies to BV and EV Certificates. If you bought a DV SSL, type NA instead
    • Organizational unit: Enter your department’s name. Usually, it’s “IT” or Web”. Type NA in case of a DV certificate
    • City/locality: Add the city where your company is legally located. Repeat the same step for the State/province and Country/region fields
  5. Double-check all the information and click Next
  6. On the following Cryptographic Service Provider Properties window, in the drop-down lists choose Microsoft RSA SChannel Cryptographic Provider, and for the Bit length select 2048-bit. Click Next
  7. On the next File Name window, under the Specify a file name for the certificate request, click the three-dotted button to provide a Save location and a file name for the CSR. Click Finish
    Note: The default save location for the CSR is C:\Windows\System32.
  8. Open the generated CSR file with a text editor of your choice (Notepad for example), then copy the whole text including the —–BEGIN NEW CERTIFICATE REQUEST—– and —–END NEW CERTIFICATE REQUEST—– tags, and paste it during the order process with SSL Dragon
  9. Wait for the Certificate Authority to validate your request and issue the SSL Certificate. After you receive it, you can proceed with the installation.

How to generate a CSR in IIS 5 & 6?

  1. Click the Start menu. From the Control Panel select Administrative Tools and open the Internet Information Services
  2. In the right side menu, right-click on Default Website then select Properties
  3. In the Default Web Site Properties window select the Directory Security Tab and click Server Certificate
  4. In the following IIS Certificate Wizard select the first option Create a new certificate and hit Next
  5. Now, select Prepare the request now, but send it later and click Next
  6. In the next window, type a name for your certificate and select 2048 for the bit-length. Leave the other boxes unchecked and hit Next
  7. Enter the officially registered name of your company (for BV and EV certificates). If you bought a DV certificate, type N/A. Don’t leave this field blank. In the organizational unit box, select IT or Web. For DV Certificates, type N/A. Click Next
  8. Now, in the Common Name field, enter the FQDN (fully qualified domain name) for your website; e.g. www.ssldragon.com
  9. Fill in the Country/region, State/province, and City/locality fields with the legal location of your company. Click Next
  10. Choose a file name and save the location for your CSR (save it as a text file in the .txt format) and hit Next
  11. Double-check that the information is correct and up-to-date. Click Next to generate the CSR file
  12. Open the downloaded CSR file with a text editor such as Notepad, then copy the whole text including the —–BEGIN NEW CERTIFICATE REQUEST—– and —–END NEW CERTIFICATE REQUEST—– tags, and paste it during the order process with SSL Dragon
  13. After the Certificate Authority sends you the SSL Certificate, you can install it.