Articles in Root

Share Via Email

How do I generate a CSR on Microsoft IIS 5 or IIS 6 for a new website?

Problem

How do I generate a CSR on Microsoft IIS 5 or IIS 6 for a new website?

Solution

Note: This document assumes that you want to create a brand new certificate on a website whereas no existing certificate has been installed before.  If you are renewing a certificate and would like to obtain a CSR, then there is another document that explains that procedure.

  1. Open up IIS. This can be found in the Administrative Tools in Control Panel.

  2. Right-click on the website that you want to create a certificate for and click on Properties on the drop down menu.

  3. A new window will appear.  In that new window, click on the Directory Security tab at the top.

    4. In the same window, you will see three sections.  The bottom section named Secure communications has three buttons.

  4. Click on the Server Certificate... button.

    5. IIS Certificate Wizard appears.

  5. Select the circle, Create a new certificate. and click on Next.

  6. On the next step on the Wizard, select the circle, Prepare the request now, but send it later and click on Next.

  7. At the next step in the Wizard, enter in a Name for your certificate.  In the field where you see Bit length: select 2048 from the drop down. Leaving the other two check boxes unchecked, select Next.

  8. On the next screen, enter in the full legal name of the company which the certificate belongs into the Organization field.  In the Organizational unit field, enter in the department of the organization, such as 'IT' or "Marketing".  Click on Next.

  9. At the next screen, you will need to enter in your FQDN (fully qualified domain name) of your website in the field named Common name. It looks like "secure.example.com" or "example.com". Click on Next.

  10. On the next screen, you will need to select the country of your organization from the Country/Region drop down. You will then need to type in the State/province of that country along with city within that state within the City/locality field.  Once you have done that, click on Next.

  11. At the next step of the Wizard, you will need to specify where to save the CSR text file that will be created.  To change the location, you should click on the Browse... button.  After you have selected a location, click on the Next button.

  12. At the final screen, you will see a summary of all the certificate details that you have created.  Click on Next to generate the CSR file.

    13. Note: When you have generated a CSR file, you will have a pending request held for this website.  If this pending request is deleted before a certificate response can be installed, the set of private keys that were created will be deleted as well.  This will render the CSR file and the certificate response useless, including during installation.

  13. Open the newly created CSR file using notepad.  Select all the contents, copy and then paste into the form that can be found on QuoVadis' Website.

Legal


DigiCert is the world’s premier provider of high-assurance digital certificates—providing trusted SSL, private and managed PKI deployments, and device certificates for the emerging IoT market. Since our founding almost fifteen years ago, we’ve been driven by the idea of finding a better way. A better way to provide authentication on the internet. A better way to tailor solutions to our customer’s needs.

© 2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.