To generate a CSR, you first need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match and a replacement has to be made.
Geotrust recommends that you contact Sybase for additional information.
Generate a Private Key Pair
NOTE: A key length of 1024 bit is the default, but Geotrust recommends the use of a 2048 bit key.
If the request is intended for an Extended Validation certificate or a certificate with a validity period beyond December 31, 2013, the 2048 bit key length will need to be selected.
- Under Administrative Tools, open Internet Services Manager.
- Open the Properties window by right-clicking on the name of the Web site you wish to secure.
- Click the Directory Security tab.
- Click Server Certificate in the Secure communications section. If you have not used this option before the Edit button will not be active.
- Select Create a new certificate
- Select Prepare the request now, but send it later. Geotrust only accepts CSRs through the enrollment process forms. We do not accept CSRs over email.
- Complete the information requested by the IIS Certificate Wizard to create a private key that is stored locally on your server and a public key (the Certificate Signing Request) that you will use during the enrollment process. You have successfully generated a CSR file.
- Click Finish to exit the IIS Certificate Wizard. A CSR file has been generated.
- Go to the enrollment form and paste the information into the form when prompted for the CSR.