GENERATE A CSR IN MICROSOFT IIS 4.0

Resolution

To generate a CSR in Microsoft IIS 4.0 follow the instructions below:

An Important Note Before You Start:

By far the most common problem users have when going through this process is related to private keys.

You will need to install the certificate  we give you, on the key you first created using Key Manager.

If you lose or cannot access a private key, you cannot use the certificate we issue to you.

To ensure this never happens, just create a back up of your key , commit to changes and make a note of the password!

Doing these three things will save you trouble in the future.

  1. Create your key pair:
    Open the Microsoft Management Console (MMC) for IIS (available in the Windows NT 4.0 Option Pack > Microsoft Internet Information Server > Internet Service Manager.
    In the MMC, Expand the Internet Information Server folder and expand the computer name.
    Open the properties window for the website the CSR is for. You can do this by right clicking on the website.
    Open Directory Security Folder.
    Go to the Secure Communications area of this Property Sheet.
    Open Key Manager.  Select WWW.  Go to "Key", then select "Create New Key?"
  2. Create the CSR:
    Select "Put the request in a file that you will send to an authority" and give you file a path and a name that you will remember. Then click "Next"
  3. Enter a Password for the Private Key:
    Note: if you forget this password you will not be able to install your certificate. This password is kept locally and we have nothing to do with it.
    If you forget it, we cannot tell you what it is and you will have to buy another certificate. Read more about our Key or Password Loss policy. 
    If your server is 40 bit enabled, you will generate a 512 bit key only. 128 bit versions can generate up to 1024 bit keys.
    We suggest you select 1024 bit.
  4. Fill in the details that you want in the certificate: Organisation name; Organisation unit.
    The common name is the web address that the certificate will be securing.
    Then click "Next" Do not use any of the following characters in the CSR fields: [! @ # $ % ^ * ( ) ~ ? > < & / \ , . " ']
  5. Then choose your Country Code, enter your State and City.
    and then click "Next"
    Do not use any of the following characters in the CSR fields:[! @ # $ % ^ * ( ) ~ ? > < & / \ , . " '] 
  6. Enter your Name, email address and phone number
    Then click "Next" 
  7. Finish the Key Generation process
    Now you have created your CSR. You can now click "Finish" to complete the process.  
  8. Commit Changes
    This is possibly the most important step in the process.Do not forget to Commit Changes before you exit.
  9. If you don't click on the YES button your private key will not be saved to the registry and the certificate you ultimately receive from
    Thawte will not install and you will have to buy another one. See our tough Key Loss Policy guidelines. Make very sure you Commit all changes.
  10. To backup your private key, follow the instructions at this solution: SO7058
  11. Commit Changes again.
    Do not forget to Commit Changes again before you exit.
Was this answer helpful? 0 Users Found This Useful (0 Votes)