Learn how to generate CSR in IIS with Private key. Our IIS Support team is here to help you with your questions and concerns.

How to generate CSR with Private Key in IIS

We can secure our website or web application by generating a Certificate Signing Request (CSR).

Today, we are going to take a look at how to generate a CSR in Microsoft Internet Information Services (IIS):

1. First, click Start and head to Administrative Tools.
2. Then, we have to click Internet Information Services (IIS) Manager.
3. After that, select the server name and head to the center menu.
4. At this point, we have to double-click the “Server Certificates” button in the “Security” section.
5. Next, select “Create Certificate Request” from the Actions menu. This will open the Request Certificate wizard.
6. Then, enter the following information in the “Distinguished Name Properties” window:
   • Common Name
   • Organization
   • Organizational unit
   • City/locality
   • State/province
7. Now, click Next and head to the “Cryptographic Service Provider Properties” window.
8. We have to leave the settings at default values and click next.
9. Then, enter a filename for our CSR file.
10. Now, we have to remember the filename that we have chosen as well as its location. We have to open this file as a text file and copy the entire content to the online order process when prompted.

How to Back Up Private Key

1. First, head to Start on the Server and click Run.
2. Then, enter mmc in the text box and click OK.
3. Now, choose Add/Remove Snap-in under Console from the MMC menu bar.
4. Next, we have to click Add and choose Certificates from the list of snap-ins and then click on the Add button.
5. Then, choose the Computer account option and click Next.
6. At this point, we have to click the Local computer and click the Finish button.
7. Next, click the Close button on the snap-in list window and click the OK button on the Add/Remove Snap-in window.
8. Then, click Certificates and find the folder called REQUEST or “Certificate Enrollment Request” Certificates.
9. Now, choose the private key we want to back up. Then, right-click the file and choose Exports under All Tasks.
10. Once the certificate export wizard starts, click Next. After that, select “Yes, export the private key” and click Next.
11. We can leave the default settings as it is and click Next.
12. Then, set a password on the private key backup file before clicking Next.
13. At this point, we have to Click Browse and choose the location where we want to save the private key Backup file. Then click Next to continue.
14. Finally, click Finish.

How to convert to RSA Private Key Format

1. First, we have to download and install the latest version of OpenSSL from this link. http://www.slproweb.com/products/Win32OpenSSL.html
2. Then, enter C:\OpenSSL-Win32\bin> in the command prompt and run these commands:

   Set OPENSSL_CONF=c:\openssl-win32\bin\openssl.cfg
openssl pkcs12 -in filename.pfx -nocerts -out key.pem
openssl rsa -in key.pem -out myserver.key
3. At this point, the private key will be saved as ‘myserver.key’.
4. Now, we have to protect the private key by taking a backup.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

In brief, our Support Experts demonstrated how to generate CSR with a Private Key in IIS.