web analytics
en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

Generate a Certificate Signing Request (CSR) in Windows IIS 10

This how-to will step you through generating a certificate signing request (CSR) in IIS. These procedures were tested in Windows 10 on IIS 10, but will also work in IIS 7.x and 8.x.
This document covers CSR generation in IIS Manager. You can also order and install SSL/TLS certificates with SSL Manager, SSL.com’s free tool for Windows certificate management.
  1. Start IIS Manager. One quick way to do this is by opening the Run command, then typing inetmgr and clicking the OK button.

    Run window

  2. Select the server in the Connections pane, on the left side of the window.

    Select server

  3. Double-click the Server Certificates icon, located under IIS in the center pane of the window.

    Server Certificates Icon

  4. Click the Create Certificate Request… link, in the Actions pane on the right side of the window.

    Create Certificate Request

  5. The Request Certificate wizard will open. Fill out the Distinguished Name Properties form with the following information:

    • Common Name:  The hostname that will use the certificate. This is usually a fully-qualified domain name, like www.mydomain.com, or store.mydomain.com. You can also use a wildcard, like *.mydomain.com.
    • Organization: The legal name of your company or organization.
    • Organizational Unit: The departmental or division name for your group.
    • City/locality: The city where your company is located.
    • State/province: The state where your company is located.
    • Country/region: Please use the two-character abbreviation for your country.

    When you are finished filling out the form, click the Next button.

    Distinguished Name Properties

  6. Next, set the Cryptographic Service Provider Properties. Use the drop-down menus to select Microsoft RSA SChannel Cryptographic Provider as the cryptographic service provider, and a bit length of 2048 (unless you have a reason to set these to other values). When you are finished, click the Next button.

    Cryptographic Service Provider Properties

  7. Create a file name for your CSR, then click the Finish button.

    Create filename

  8. You’re finished! Open the CSR in a text editor when you are ready to submit it to SSL.com for signing. For instructions on submitting your CSR to SSL.com, please read our guide to CSR submission. When you’re ready to install your certificate, please see these how-tos on installation and binding in IIS.

    CSR in Notepad

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Subscribe to SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com