IIS 10/Windows Server 2016: Generate CSRs (Certificate Signing Requests)
Before you can request a certificate through our online application, you need to use Microsoft®'s IIS Manager to generate a Certificate Signing Request (CSR) for your website.
- In the Windows start menu, type Internet Information Services (IIS) Manager.
- Once you have the IIS manager open, go to the Connections panel on the left, click the server name for which you want to generate the CSR.
- In the middle panel, double-click Server Certificates.
- In the Actions panel on the right, click Create Certificate Request....
- Enter the following Distinguished Name Properties, and then click Next:
Note: The following characters are not accepted when entering information: < > ~ ! @ # $ % ^ * / \ ( ) ? &
- Common Name — The fully-qualified domain name (FQDN) — or URL — for which you plan to use your certificate (the area of your site you want customers to connect to using SSL).
- An SSL certificate issued for www.coolexample.com is not valid for secure.coolexample.com. If you want your SSL to cover secure.coolexample.com, make sure the common name submitted in the CSR is secure.coolexample.com.
- If you are requesting a wildcard certificate, add an asterisk (*) on the left side of the Common Name (e.g., *.coolexample.com or *.secure.coolexample.com).
- Organization — The name in which your business is legally registered. The organization must be the legal registrant of the domain name in the certificate request.
Note: If you are enrolling as an individual, enter the certificate requester's name in the Organization field, and the Doing Business As (DBA) name in the Organizational Unit field.
- Organizational Unit — Use this field to differentiate between divisions within an organization (such as "Engineering" or "Human Resources").
- City/Locality — The full name of the city in which your organization is registered/located. Do not abbreviate.
- State/Province — The full name of the state or province where your organization is located. Do not abbreviate.
- Country — The two-letter International Organization for Standardization- (ISO-) format country code for the country in which your organization is legally registered.
- Common Name — The fully-qualified domain name (FQDN) — or URL — for which you plan to use your certificate (the area of your site you want customers to connect to using SSL).
- For Cryptographic service provider, select Microsoft RSA SChannel Cryptographic Provider.
- For Bit length, select 2048 or higher, and then click Next.
- Click …, enter the location and file name for your CSR, and then click Finish.
Next Steps
Note: As a courtesy, we provide information about how to use certain third-party products, but we do not endorse or directly support third-party products and we are not responsible for the functions or reliability of such products.