CSR generation for the Internet Information Server v.7 (IIS7) should be done through Internet Services Manager using the steps below:
Click Start > Administrative Tools
Start Internet Information Services (IIS) Manager
- Click Server Name > double-click on the "Server Certificates" button in the "IIS" section, located in the center menu
- Choose the "Actions" menu (on the right) > click on "Create Certificate Request".
- The Request Certificate wizard will be opened. From here, you will need to enter the information required for the CSR code (details and example listed below):
Common Name: yourdomain.com
Organization: My Company Ltd
Organization Unit (eg, section): IT, Support, Sales etc.
City/ Locality Name: Hong Kong
State or Province Name (full name): Hong Kong
Country Name (2 letter code): HK
For Wildcard SSL certificates the common name should be specified in the format: *.yourdomain.tld
Click Next once all fields are filled in completely
In the "Cryptographic Service Provider Properties" window:
- Leave Cryptographic Service provider Default (Microsoft RSA SChannel Cryptographic Provider)
- Change the Bit Length to 2048.
- Click Next.
In accordance with the Comodo (now Sectigo) Certificate Authority policy change, starting from December 20, 2010, SSL Certificates can be issued using CSR codes with 2048-bit and higher.
Specify a filename and location to save your CSR code (e.g. c:certreq.txt)
- Click Finish.