IIS 5 and 6 - Generate CSR

This manual applies to IIS 5.x, 6.x, Exchange 2000 and Exchange 2003. A different manual is available for IIS 7 and 8.

A Certificate Signing Request (CSR) is required when applying for an SSL certificate. This CSR (and private key) can be generated on your webserver. To request a wildcard certificate, fill in an * (asterisk) for the subdomain, for example *.sslcertificaten.nl (instead of www.sslcertificates.nl).

Note: when renewing your certificate, the option to create a new CSR is not standard in IIS. While not offered, it is necessary to create a new CSR in cases where the private key is 1024 bits LINK, since it is currently mandatory to use a 2048 bits key. If this is the case with your private key, the best solution is to create a temporary website LINK within IIS and create a CSR for that website, following the steps below. The certificate should also be installed LINK on this website. After rebooting, IIS will automatically move the certificate to the correct / active website, after which the temporary website can be removed again.

CSR Generation

  1. Go to Start → (Control Panel →) Administrative Tools and click either Internet Services Manager (5.x) or Internet Information Services (6.x).IIS 5 en 6 - Aanmaken CSR
  2. Right-click the website the certificate will protect (usually the Default Web Site) and select Properties.
  3. Click the Directory Security tab.IIS 5 en 6 - Aanmaken CSR
  4. Click Server Certificate. The IIS Certificate Wizard will now appear. Select the option Create a new certificate (or in case of a renewal: Renew current certificate) and click Next.IIS 5 en 6 - Aanmaken CSR
  5. Choose Prepare the request now, but send it later and click Next.IIS 5 en 6 - Aanmaken CSR
  6. To be able to differentiate when more than a single certificate is present, please enter a recognizable name for the new certificate (for example, the name of the domain for which the certificate is requested). Set the Bit Length to 2048 or 4096 and click Next.IIS 5 en 6 - Aanmaken CSR
  7. Fill out the name of the organization under Organization, the relevant department under Organizational unit and click Next.IIS 5 en 6 - Aanmaken CSR
  8. Fill out the FQDN (Fully Qualified Domain Name) of the website the certificate will protect under Common Name; for example www.sslcertificaten.nl. Click Next.IIS 5 en 6 - Aanmaken CSR
  9. Fill out the correct geographical information of your organization and click Next.IIS 5 en 6 - Aanmaken CSR
  10. Choose a location to save the file and click Next.IIS 5 en 6 - Aanmaken CSR
  11. Check the overview and ensure all of the information displayed is correct. If corrections need to be made, please click Back and change the relevant information. Click Next in the overview window when all information is correct, followed by clicking Finish.IIS 5 en 6 - Aanmaken CSR

To order a certificate, copy the entire contents of the generated CSR, including the first and last line and all dashes.

Order certficate

SSLCheck

Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues