SharePoint 2010: Using Microsoft IIS 7 for CSR Creation

SharePoint 2010

Microsoft SharePoint 2010 does not include a GUI for creating a CSR. Because SharePoint 2010 is designed to run on Microsoft IIS 7, you can use IIS 7 to create your CSR.

  • For a simple way to create a CSR that works on any Microsoft server platform, you can use the DigiCert® Certificate Utility for Windows. See CSR Creation Instructions for Microsoft Servers. For more information about this utility, see DigiCert® Certificate Utility for Windows.

  • If you already have your SSL Certificate and just need to install it, see Microsoft SharePoint 2010: SSL Certificate Installation Instructions.

  • If you have any questions or would like expert help with your installation feel free to chat with an SSL expert - they are ready to help regardless of where you purchased your SSL certificate.

    • SharePoint 2010: How To Create a CSR Using Microsoft IIS 7

    1. Open Internet Information Services (IIS) Manager.

      On the Windows Start menu, in the sidebar on the right, click Administrative Tools > Internet Information Services (IIS) Manager.

    2. In Internet Information Services (IIS) Manager, under Connections, click your server’s Hostname.

      IIS 7 Security Certificates

    3. In the center menu, in the IIS section, double-click the Server Certificates icon.

    4. In the Actions menu, click Create Certificate Request to open the Request Certificate wizard.

      IIS 7 Create Certificate Request

    5. On the Distinguished Name Properties page, enter the following information:

      Common name: Enter the name that you want to use to access the certificate. This name is usually the fully-qualified domain name.
      For example, www.domain.com or mail.domain.com.
      Organization: Enter the legally registered name of your organization/company.
      Organizational Unit: Enter the name of your department within the organization. For example, you can enter IT or Web Security.
      You can also leave it blank.
      City/locality: Enter the city in which your organization/company is located.
      State/province: Enter the state/province in which your organization/company is located.
      Country/region: Type or select your two-digit country code from the drop-down list.
      If necessary, you can find your two-digit country code in our SSL Certificate Country Codes list.

      IIS 7 Distinguished Name Properties

    6. When you are finished, click Next.

    7. On the Cryptographic Service Provider Properties page, enter the following information:

      Cryptographic service provider: In the drop-down list, select Microsoft RSA SChannel Cryptographic Provider,
      unless you have a specific cryptographic provider.
      Bit length: In the drop-down list, select 2048.

      IIS 7 Cryptographic Service Provider Properties

    8. When you are finished, click Next.

    9. On the File Name page, click the box to browse to a location where you want to save the CSR file, enter the filename, and then click Open.

      Note:  If you only enter the filename without selecting a location, your CSR file is saved to the following location: C:\Windows\System32.

      IIS 7 CSR Pending Request Filename

    10. Make sure to note the filename and the location where you saved your CSR file.

      You need to open this file as a text file, copy the entire body of the text file (including the Begin New Certificate Request and End New Certificate Request tags), and paste it into the online order process when you are prompted.

    11. Click Finish.

    12. After you receive your SSL Certificate from DigiCert, you can install it.

      See Microsoft SharePoint 2010: SSL Certificate Installation Instructions.


Related Links

SSL Certificates

SSL Support