To generate a CSR, you will need to create a key pair for your server.
NOTE: A key length of 1024 bit is the default, but Geotrust recommends the use of a 2048 bit key. If the request is intended for an Extended Validation certificate or a certificate with a validity period beyond December 31, 2013, the 2048 bit key length will need to be selected.
If you are renewing a previous certificate with IIS that has a 1024 bit key length, refer to the following solution for steps on creating a new CSR with a 2048 bit length without removing the previous certificate.
Generate a certificate signing request (CSR) file
- Open the Internet Serivces Manager. Click Start > All Programs > Administrative Tools > Internet Services Manager.
- Open the Properties window by right-clicking on the name of the Web site you wish to secure.
- Click the Directory Security tab.
- Click Server Certificate in the Secure communications section. If you have not used this option before the Edit button will not be active.
- Select Create a new certificate. NOTE: If you are renewing an SSL certificate, select Renew the Current Certificate. This will generate a CSR based on the information of the certificate currently installed on the server.
- Select Prepare the request now, but send it later. Geotrust only accepts CSR’s through the enrollment process forms. We do not accept CSR’s via email.
- Enter a Name for the certificate. Please note that this is not the Common Name of the certificate request. Select the bit length of 2048 for the certificate.
- Provide the Organization and the Organizational Unit information and click Next.
- Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
- Organizational Unit (OU): This field is the name of the department or organization unit making the request.
- Common Name (CN): The Common Name is the Host + Domain Name. It looks like “www.company.com” or “company.com”.
- Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
- State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California.
- Locality or City (L): The Locality field is the city or town name