Generating a CSR on IIS 7.x – 8.x

The steps to generate CSR on IIS 7.x – 8.x are mentioned below:

  • Click Start
  • Select Administrative Tools.
  • Start Internet Services Manager
  • Click Server Name
  • From center  menu ,double-click the “Server- Certificates” button in the “Security”  section.

postive ssl csr on iis 7.x - 8.x

  • Select “Actions” menu (on the right), click on “Create Certificate Request.

postive ssl csr on iis create ssl request-comprompt

  • This will open Request Certificate wizard.


  • In the “Distinguished Name Properties” window, enter the information as follows:
  • The Common Name field should be the Fully Qualified Domain Name (FQDN) or the web address for which you plan to use your IIS SSL Certificate. You will need to insure that the common name submitted in the CSR is the correct domain name / FQDN that you intend to use the certificate for. For wildcard SSL certificates the common name should contain at least one asterisks (*) e.g. *,*,etc.
  • Enter Organisation and Organisation Unit, these are your company name and department respectively.
  • Enter your City/locality, State/province and Country/region.
  • Click Next
  • In the “Cryptographic Service Provider Properties” window, Leave Cryptographic Service provider Default (Microsoft RSA SChannel Cryptographic Provider) Change the Bit Length to (2048) then Click Next.


  • Enter a filename and location to save your CSR. You will need this CSR to enroll for your IIS SSL Certificate.
  • Click Finish.
  • Your new CSR is now contained within the file c:\certreq.txt
  • When you make your application, make sure you include the CSR in its entirety into the appropriate section of the enrollment form – including
  • Click Next
  • Confirm your details in the enrollment form
  • Finish

To save your private key:

  • Go to: Certificates snap in in the MMC
  • Select Requests
  • Select All Task
  • Select Export

Courtesy by: comodo