IIS: Generate CSRs (Certificate Signing Requests)

What is a CSR? A CSR or Certificate Signing request is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate such as the organization name, common name (domain name), locality, and country.

Below is the step to generate the CSR from IIS7/8 which on Window server 2008/2012. 

1) From the Start screen, click or search for Internet Information Services (IIS) Manager and open it.

2) In the Connections panel on the left, click the server name for which you want to generate the CSR.

3) In the middle panel, double-click Server Certificates.

4) In the Actions panel on the right, click Create Certificate Request....

5) Enter the following Distinguished Name Properties, and then click Next:


Common Name - The name through which the certificate will be accessed (usually the fully-qualified domain name, e.g., www.domain.com or domain.com).

Organization - The legally registered name of your organization/company.

Organizational unit - The name of your department within the organization (frequently this entry will be listed as "IT," "Web Security," or is simply left blank).

City/locality - The city in which your organization is located.

State/province - The state in which your organization is located.

Country/region - Country Code

6) In the "Cryptographic Service Provider Properties" window, select Microsoft RSA SChannel Cryptographic Provider. Select 2048 or higher for Bit Length, then click NEXT

7) Select the file name of the CSR (.txt) and click FINISH

The CSR key of the domain is on that file that created on Step 7. 

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.