CSR Generation: Using certreq (Windows)

This article is for administrators who prefer the command shell!
Save the following file as request.inf on your server editing the subject according to the comment:

;----------------- request.inf -----------------

Signature="$Windows NT$"

Subject = "C=US, CN=something.example.com"

KeySpec = 1
KeyLength = 2048
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
HashAlgorithm = SHA256

OID= ; this is for Server Authentication / Token Signing

then run
C:\\>certreq -new request.inf request.csr

Related Articles

Certificate Installation: Using certreq (Windows)
How to enable LDAP over SSL with a third-party certification authority (support.microsoft.com)​​​​​​​
Certreq (technet.microsoft.com)