Microsoft Forefront TMG: Creating a CSR Using the DigiCert® Certificate Utility for Windows
Because Microsoft’s Forefront TMG server platform does not include an easy GUI method to create a CSR, we recommend that you use the DigiCert® Certificate Utility for Windows to create your CSR. For more information about this tool, see DigiCert® Certificate Utility for Windows.
If you already used the DigiCert Certificate Utility to generate your CSR, DigiCert has already issued your SSL Certificate, and just need to use the utility to install the certificate on your Forefront TMG Server, see Microsoft Forefront TMG: SSL Certificate Installation Instructions.
Forefront TMG: Using the DigiCert® Certificate Utility for Windows to Generate a CSR
On your Windows Forefront TMG Server, download and save the DigiCert® Certificate Utility for Windows executable (DigiCertUtil.exe).
Run the DigiCert® Certificate Utility for Windows.
In the DigiCert Certificate Utility for Windows©, click SSL (gold lock) and then, click Create CSR.
On the Create CSR page, enter the following information:
Certificate Type: Select SSL. Common Name: Enter the fully qualified domain name (i.e. www.example.com). You may also enter the IP address. Subject Alternative Names: If you are requesting a Multi-Domain (SAN) Certificate, enter any SANs that you want to include. (i.e. www.example.com, www.example2.com, and www.example3.net) Organization: Enter your company’s legally registered name (i.e. YourCompany, Inc.). Department: (Optional) Enter the department within your organization that you want to appear on the SSL Certificate. City: Enter the city where your company is legally located. State: In the drop-down list, select the state where your company is legally located. If your company is located outside the USA, you can enter the applicable name in the box. Country: In the drop-down list, select the country where your company is legally located. Key Size: In the drop-down list, select 2048. Provider: In the drop-down list, select Microsoft RSA SChannel Cryptographic Provider, unless you have a specific cryptographic provider.
On DigiCert Certificate Utility for Windows® - Create CSR page, do one of the following, and then, click Close:
Click Copy CSR. Copies the certificate contents to the clipboard. If you use this option, we recommend that you paste the CSR into a tool such as Notepad. If you forget and copy some other item, you still have access to the CSR, and you do not have to go back and recreate it. Click Save to File. Saves the CSR as a .txt file to the Windows server. We recommend that you use this option.
After you receive your SSL Certificate from DigiCert, you can install it.
You can also use the DigiCert® Certificate Utility for Windows to export or import a certificate from one server to another as a .pfx file. See DigiCert SSL Cert Util SSL Import/Export Instructions.