Solution
Note: This document assumes that you want to create a brand new certificate on a website whereas no existing certificate has been installed before. If you are renewing a certificate and would like to obtain a CSR, then there is another document that explains that procedure.
- Open up IIS. This can be found in the Administrative Tools in Control Panel.
- Right-click on the website that you want to create a certificate for and click on Properties on the drop down menu.
- A new window will appear. In that new window, click on the Directory Security tab at the top.
In the same window, you will see three sections. The bottom section named Secure communications has three buttons.
- Click on the Server Certificate... button.
IIS Certificate Wizard appears.
- Select the circle, Create a new certificate. and click on Next.
- On the next step on the Wizard, select the circle, Prepare the request now, but send it later and click on Next.
- At the next step in the Wizard, enter in a Name for your certificate. In the field where you see Bit length: select 2048 from the drop down. Leaving the other two check boxes unchecked, select Next.
- On the next screen, enter in the full legal name of the company which the certificate belongs into the Organization field. In the Organizational unit field, enter in the department of the organization, such as 'IT' or "Marketing". Click on Next.
- At the next screen, you will need to enter in your FQDN (fully qualified domain name) of your website in the field named Common name. It looks like "secure.example.com" or "example.com". Click on Next.
- On the next screen, you will need to select the country of your organization from the Country/Region drop down. You will then need to type in the State/province of that country along with city within that state within the City/locality field. Once you have done that, click on Next.
- At the next step of the Wizard, you will need to specify where to save the CSR text file that will be created. To change the location, you should click on the Browse... button. After you have selected a location, click on the Next button.
- At the final screen, you will see a summary of all the certificate details that you have created. Click on Next to generate the CSR file.
Note: When you have generated a CSR file, you will have a pending request held for this website. If this pending request is deleted before a certificate response can be installed, the set of private keys that were created will be deleted as well. This will render the CSR file and the certificate response useless, including during installation.
- Open the newly created CSR file using notepad. Select all the contents, copy and then paste into the form that can be found on QuoVadis' Website.