Google Chrome plans to distrust Symantec, GeoTrust, Thawte SSLs.   Chat Now  or    Call (888) 266-6361 to switch to a trusted SSL.
Home » SSL CSR Generation » Microsoft IIS 5.x / 6.x

Contact Sales


Tel: +1 (888) 266-6361
Tel: +1 (703) 581-6361

Supported Browsers:

SSL Browser


Webtrust Webtrust
EV Code Signing Certificate Authority SSL Certificate Authority
Certification Authorities

A CSR is a file containing your IIS SSL Certificate application information, including your Public Key.

SSL Certificate Auto-Installer:

Comodo provides a useful tool to automatically create a public/private key pair on your local machine and then use this key pair to generate a CSR and automatically submit it to Comodo over a secure SSL connection to create your certificate for IIS 6.0.

You can then collect and automatically install the certificate onto an IIS 6.0 web server.

Click here for the SSL Certificate Auto-Installer

Or generate keys and SSL Certificate Signing Request manually:

  1. Select Administrative Tools
  2. Start Internet Services Manager

SSL Certificate Signing Request

  1. Open the properties window for the website the CSR is for. You can do this by right clicking on the Default Website and selecting Properties from the menu
  2. Open Directory Security by right clicking on the Directory Security tab

Direct Security in IIS

  1. Click Server Certificate. The following Wizard will appear:

IIS SSL Server Certificate

  1. Click Create a new certificate and click Next.

Note: If you do not see the above screenshot, you probably already have an SSL Certificate on the website you're using. Please follow these on how to create a CSR without removing the current certificate.

SSL Certificate Request in IIS

  1. Select Prepare the request and click Next.

IIS SSL Security Settings

  1. Provide a name for the certificate, this needs to be easily identifiable if you are working with multiple domains. This is for your records only.
  2. For Bit length please use 2048 and then Click Next

IIS Organization Information

  1. Enter Organization and Organization Unit, these are your company name and department respectively. Click Next.

Your Site's Common Name

  1. The Common Name field should be the Fully Qualified Domain Name (FQDN) or the web address for which you plan to use your IIS SSL Certificate, e.g. the area of your site you wish customers to connect to using SSL. For example, an Instant SSL Certificate issued for will not be valid for If the web address to be used for SSL is, ensure that the common name submitted in the CSR is For Wildcard SSL certificate the Common Name must contain at least one asterisks (*) Example: *, *, etc.
  2. Click Next. once you have entered the common name.

IIS Geographical Information

  1. Enter your country, state and city. Click Next.

IIS SSL server certificate - file name

  1. Enter a filename and location to save your CSR. You will need this CSR to enroll for your IIS SSL Certificate. Click Next.

IIS SSL server certificate - file summary

  1. Check the details you have entered. If you have made a mistake click Back and amend the details. Be especially sure to check the domain name the Certificate is to be "Issued To". Your IIS SSL Certificate will only work on this domain. Click Next when you are happy the details are absolutely correct.
  1. When you make your application, make sure you include the CSR in its entirety in the appropriate section of the enrollment form - including
  2. Click Next
  3. Confirm your details in the enrollment form
  4. Finish

To save your private key:

  1. Go to: Certificates snap in in the MMC
  2. Select Requests
  3. Select All tasks
  4. Select Export

We recommend that you make a note of your password and back up your key, as these are known only to you; if you lose them we can't help! We recommend that you use a floppy diskette or other removable media for your backup files.

Related Articles: Backing up and Restoring the Pending Request (Key)