Certificate Signing Request (CSR) Help
For Microsoft IIS 7
Jump to steps
Before generating a certificate signing request for a domain in IIS 7, ensure that you have an IIS 7 role added to your server. To verify that IIS 7 is installed on the server, open your Web browser and go to http://localhost/. If ISS 7 is installed, you will see the following page:
Note:
Do not use
commas in any of the fields when creating your Certificate Signing Request (CSR). Commas are interpreted as the end of the field and will cause an invalid CSR to be generated.
Do not use
any of the following characters in the Web server Distinguished Name: ! @ # $ % ^ * ( ) ~ ? > < & / \
Here are the steps to create a CSR using Microsoft IIS 7
1. Launch the Internet Information Services (IIS) Manager:
Start > Programs > Administrative
Tools > Internet
Information Services (IIS) Manager
2. In the
Connections
pane on the left, select the correct server name.
3. Open the Server Certificates features by double-clicking the Server Certificates icon located in the middle menu of the IIS Manager window.
4. In the Actions pane on the right, click
Create Certificate Request
to open the
Request Certificate
wizard.
Note
: if you already have a certificate that is near expiration date and you need to renew it, select
Create Certificate Request.
Do not use the
Renew
option on the certificate from the Server Certificates action menu. The renewal function can sometimes create an incompatible CSR.
5. Enter the Distinguished Name information in the Distinguished Name Properties window in the wizard:
Attribute |
Prefix |
Description |
Example |
Common name |
cn |
Domain to be secured by certificate |
iis7cert.entrust.com |
Organization |
o |
Organization’s legal business name |
Entrust Inc. |
Organizational Unit |
ou |
Department in the organization |
Certificate Dep. |
City/Locality |
l |
Business location - city |
Ottawa |
State/Province |
st |
Business location – state/province |
Ontario |
Country/Region |
c |
Business location - country |
CA |
6. Click Next .
7. Select Microsoft RSA Channel Cryptographic Provider as the Cryptographic service provider . For Bit Length , select 2048 .
Click Next .
8. In the following window, specify the location and file name for your CSR. Take note of where the CSR is being stored, as you will need to access this file when you request a certificate. The file should contain a CSR similar to this:
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIEhDCCA2wCAQAwgYAxCzAJBgNVBAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMQ8w
DQYDVQQHDAZPdHRhd2ExFTATBgNVBAoMDEVudHJ1c3QgSW5jLjEZMBcGA1UECwwQ
Q2VydGlmaWNhdGUgRGVwLjEcMBoGA1UEAwwTaWlzN2NlcnQuZW50cnVzdC5jYTCC
.
.
.
OOqRZhp/bkDjEWW+OO1Z7hAnB1gcN4t1Q7TO3gZwyO9Yarv7gkPXCsCIMwJkhmzB
X4n6sJ5KGAUQj+Qx6VDeyTzG6w8hTvXH0ILxVb7LYg12vcrt2O3wKdBwRdcPNtLO
8nK2lCzuiMwL+cM8XJroaYCtr8A8mDHLCTQHy1y5PReZ2wYIChPWVwzzrhWo7XZ5
Vmcczl6amkU=
-----END NEW CERTIFICATE REQUEST-----
9. Open the generated file containing the newly created Certificate Signing Request (CSR) and copy its content into the specified field when you are requesting a certificate from Entrust.
Note:
Copy the full CSR including the lines. Make sure that here are no trailing spaces or carriage returns in the CSR.
-----BEGIN NEW CERTIFICATE REQUEST-----
-----END NEW CERTIFICATE REQUEST-----
If you have any questions or concerns please contact the
Entrust Certificate Services Support
department for further assistance:
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE:
It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
Country | Number |
Australia |
0011 - 800-3687-7863
1-800-767-513 |
Austria | 00 - 800-3687-7863 |
Belgium | 00 - 800-3687-7863 |
Denmark | 00 - 800-3687-7863 |
Finland |
990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet) |
France | 00 - 800-3687-7863 |
Germany | 00 - 800-3687-7863 |
Hong Kong |
001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax) |
Ireland | 00 - 800-3687-7863 |
Israel | 014 - 800-3687-7863 |
Italy | 00 - 800-3687-7863 |
Japan |
001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ) 0061 - 800-3687-7863 (IDC) |
Korea |
001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom) |
Malaysia | 00 - 800-3687-7863 |
Netherlands | 00 - 800-3687-7863 |
New Zealand |
00 - 800-3687-7863
0800-4413101 |
Norway | 00 - 800-3687-7863 |
Singapore | 001 - 800-3687-7863 |
Spain | 00 - 800-3687-7863 |
Sweden |
00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2) |
Switzerland | 00 - 800-3687-7863 |
Taiwan | 00 - 800-3687-7863 |
United Kingdom |
00 - 800-3687-7863
0800 121 6078 +44 (0) 118 953 3088 |