How do I create a renewal CSR in IIS 5?

May 25, 2018 in SSL Technical FAQs

Create a new web site in IIS (see Related Items), then go to the 'Properties'--> 'Directory Security' -->'Server Certificate' tab.

Use the certificate wizard to create your new Key/CSR file.

Backup the private key file by following the instructions:

    • Start --> Run --> type mmc, select OK.
    • Go into the Console Tab --> Add/Remove Snap in
    • Click on Add --> Double Click on Certificates and Click on Add, click OK
    • Choose Computer Account, then Local Computer
    • Open up the Certificates Console Tree
    • Look for a folder called REQUEST, Certificates
    • Highlight the key that you wish to back up
    • Right click on the file and choose, All Tasks, Export
    • Follow the Certificate Export Wizard
    • Choose to mark the Private key as exportable
    • Leave default settings
    • Choose to save file on a set location.
    • It is important to take a copy of the private key and store it off the server; in the event that the server crashes.
    • Click Finish.
    • You will get message that the export was successful.
    • Save the resultant CSR file to your hard drive indicating it is a renewal CSR.
    • Use this CSR during the purchase process.
    • Once you receive the renewed certificate, install it using the wizard you used to create it on the same NEW website you created.

Install Certificate on Test site.

    • Once installed, go to the correct website you want the certificate to run on.
    • Go to 'Properties', 'Directory Security', 'Server Certificate', remove the certificate currently installed, and assign the certificate you installed in the previous step
    • Restart the WWW service
    • It is now safe to delete the temporary site.

Related Item:

Creating a New Web Site