Skip to main content

Generate SSL Certificate Signing Requests

Questions about how to generate a Certificate Signing Request (CSR) file in Microsoft IIS, Linux, Apache or other platforms

This article applies to: SSL Server Certificate


How do I generate a Certificate Signing Request (CSR) file in Microsoft IIS 6.0 without removing the existing certificate?

To generate a new CSR without removing the current certificate, a temporary website must be created. This workaround will apply for IIS servers that currently have certificates installed, but a new CSR (with different key size,etc) needs to be created. Creating a temporary website allows you to keep a current certificate active on the site while another certificate request is pending.

Step 1: Generate a Certificate Signing Request (CSR) file without removing the existing certificate

  1. Click Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manager.
  2. Right-click Web Sites.
  3. Select New > Web Site.
  4. The Web Site Creation Wizard will open. Enter Temporary as the web site nameĀ > click Next.
  5. Note: In the Wizard simply bypass all settings by clicking Next. However, you will need to specify a path. The directory you select is completely arbitrary and will not affect the CSR generation.
  6. Click Finish.
  7. Note: The temporary web site does not need to be started for this process.
  8. Right click the temporary site > select Properties > Directory Security > Server Certificate.
  9. Select Create a New Certificate.
  10. Note: choose 2048 bit key length. In Common name field, enter the domain name of the site that you are going to renew the SSL cert for.
  11. Click Finish.

Step 2: Install SSL certificate

Once you receive the new certificate, download it, then:

  1. Right-click the temporary site > select Properties > Directory Security > Server certificate.
  2. Select Process the Pending Request.
  3. Complete the wizard to install the certificate.
  4. Right-click the production site > select Properties > Directory Security > Server certificate.
  5. Select Replace the current certificate.
  6. Select the certificate that you have just installed > click Finish.
  7. Stop and Start the website.

How do I generate a Certificate Signing Request (CSR) in Linux using Open SSL?

See the documentation on the Comodo site: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1/0/csr-generation-using-openssl-apache-wmod_ssl-nginx-os-x

How do I generate a Certificate Signing Request (CSR) for other platforms?

See this information on the Comodo site: https://support.comodo.com/index.php?/Default/Knowledgebase/List/Index/19

How do I create a Certificate Signing Request (CSR) for Apache/Linux/Openssl?

See the information on the Comodo site: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1/19/csr-generation-using-openssl-apache-wmod_ssl-nginx-os-x

Was this page helpful?

Your feedback helps improve the site.

Comments?