How to create a CSR in Windows 2003 IIS 6

Issue: You need to create a certificate request as part of the process in obtaining an SSL certificate
Solution: Follow the steps below to create your CSR and submit to your Certificate Authority.

  1. If you haven’t already, you need to purchase an SSL certificate credit from your Third Party Certificate Authority (like GoDaddy, Geotrust, or Comodo).
  2. Open IIS Manager, expand Web Sites, right click Default Website, click properties.
    properties of default website IIS
  3. Click Directory Security > Server Certificates
    Directory Security - Server Certificates
  4. Click next on the Web Server Certificate Wizard:
    Welcome to the IIS web server certificate wizard
  5. Select “Create new Certificate”
    iis-cert-wizard-create-new
  6. Select “Prepare the certificate request now, but send it later”:
    prepare-cert-request-send-later
  7. Enter the name for your certificate, this is the hostname that the cert will encrypt traffic on, often then URL of your website:
    cert-name-bit-length-2048
  8. In the Organization field, put your official company name.  For organization unit, I generally put “IT”:
    organization-organizational-unit
  9. Enter the “Common Name”, this must be the hostname that the cert will encrypt traffic on, often the hostname section of the URL of your website or server:
    cert-common-name
  10. Enter the City / State of your organization:
    iis-cert-request-state-city
  11. Enter the location and filename for the certificate request file that you will create:
    iis-cert-request-file-name
  12. Click yes to create the C:\certs directory:
    create-certs-directory
  13. Click next on the Request File Summary:
    cert-request-file
  14. Click Finish on the Completing Web Server Certificate Wizard:
    completing-web-server-certificate-wizard
  15. Your certificate request is now generated and is in the file c:\certs\certreq2016.txt.  Open this file and copy/paste the contents into the CSR field on the website of the third party SSL certificate that you purchased.  Once your CSR is submitted to your Certificate Authority (CA) you can proceed to the next step.
  16. Your certificate authority will require verification steps be performed before they issue the certificate.  This generally entails checking the email of the email address listed in your domain’s WHOIS information and looking for an email from your certificate authority and clicking the verification link in that email.
  17. Download the certificate from your certificate authority, or in some cases the CA may email you the completed certificate.
  18. Next you will need to process the pending certificate request and install the ssl certificate (follow link for steps).

One thought on “How to create a CSR in Windows 2003 IIS 6

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.