How To Generate CSR For a Wildcard SSL Certificate In IIS 7

As we know that Wildcard SSL Certificate is a much-needed SSL certificate for those organizations who run their business on various sub-domains. Installation of Wildcard Certificate on IIS 7 requires a specific process, which should be completed with extra care. However, before the installation of SSL certificate on server like Microsoft’s IIS 7, you should have better knowledge of generating CSR for SSL certificate. In this piece of information, we would like to make you aware about to generate CSR for Wildcard SSL certificate in IIS 7. Let’s know about CSR before generating CSR for SSL certificate.

Certificate authority needs information to verify the applicant before issuing certificate. In Public Key Infrastructure (PKI), an applicant provides CSR (Certificate Signing Request) to the certificate provider to get a digital identity certificate. The CSR contains public key and private key, which should be generated by the applicant. The CSR must occupy the information required by the certificate authority: Distinguished name, Business name, Town, Department name, country, region, generic email address. To identify the server name for which a certificate request is made, the CSR also includes fully qualified host name of the server. To verify the CSR, an applicant must provide the hostname and key size. According to latest encryption standard, the length of CSR key is 2048-bit or higher.

Step 1

For the first step lets open Internet Information Services (IIS) Manager and click on the name of the server in the connections column on the left and double-click on “Server Certificates”. (Click on the Image for a full size view)

Step 2

Looking to the right Actions column, click on “Create Certificate Request”.

Step 3

Next we’re going to enter all of the information about your company and the domain you are securing and then click “Next”.
If this is going to be a wildcard certificate, make sure to put the *.

Step 4

Use the default Cryptographic Service Provider and make sure you use 2048 bit or higher, then click Next.

Step 5

Browse the filename to save the request certificate and click Finish. You will require that contents of this file to enroll an SSL Certificate.