Generate A Certificate Signing Request Using IIS 6

Background

A certificate signing request is how a Web site obtains its digital certificate. It does so by issuing a request to a certifying authority. To generate the request, certain information needs to be compiled.

Objectives

• To generate a certificate signing request (CSR).

Steps

1. Getting started
• Select Administrative Tools
• Start Internet Services Manager



• Right click on Default Web Site and select Properties from the menu.
• Open the Directory Security panel by right clicking on the Directory Security tab.
2. Properties

   

   • Click on the Server Certificate... button near the bottom.
   • The IIS Certificate Wizard will appear.
3. Server Certificate

   

   • Select Create a new certificate and click Next.
4. Delayed or Immediate Request

   

   • Select Prepare the request now, but send it later.
   • Click Next.
5. Name and Security Settings

   

   • Enter a Name for the certificate.
     • It needs to be easily identifiable if working with multiple domains.
     • This is for your records only.
   • Stay with the default bit length of 1024.
   • If the server is only 40 bit enabled, then generate a 512 bit key.
   • If the server is 128 bit, one may generate a key up to 1024 bits.
   • Click Next.
6. Organization Information

   

   • Enter Organization and Organizational unit.
     • These are the company name and department, respectively.
   • Click Next.
7. Web Site's Common Name

   

   • The Common name field should be the Fully Qualified Domain Name (FQDN) of the Web address for which the certificate will be used.
   • For example, a certificate issued for domain.com will not be valid for secure.domain.com.
   • If the Web address to be used for SSL is secure.domain.com, ensure the common name submitted in the request is secure.domain.com.
   • Click Next.
8. Geographical Information

   

   • Select the appropriate Country/Region:.
   • Enter the correct State/province:.
   • Enter the correct City/locality:.
   • Click Next.
9. Certificate Request File Name

   

   • In the File name: field enter the folder and name of the file of where to store the request.
   • Use the Browse... button to avoid typing mistakes.
   • Click Next.
10. Request File Summary

    

    • Carefully review the details that are displayed.
    • Click Next when you are happy the details are absolutely correct, otherwise click Back and make the necessary corrections.

Congratulations! You have successfully created a certificate signing request.