How To Generate CSR For Wildcard SSL Certificate In IIS 7?

Step by Step Guide To Generate CSR For Wildcard SSL Certificate In IIS 7.

Wildcard SSL Certificate is a required SSL certificate for businesses who carry their business on subdomains and want to secure all of them under a single security solution. To get a wildcard certificate on the server, you need to first create a CSR and a private key. In this article, we will talk about CSR generation for a wildcard for Apache + Mod SSL + OpenSSL as well as the IIS platform. First, we will know how to create a private key in OpenSSL.

How to Create a Private key on OpenSSL?

OpenSSL is a free command-line tool for SSL and TLS protocols also used in general as a cryptographic library. OpenSSL should be installed on /usr/local/ssl/bin path.Before generating a private key, you should decide the key algorithm, size of a key, a passphrase (optional). Below is an example of a command used to generate a private key.

openssl genrsa -out private-key.pem 2048

The private key is now generated in your current directory naming private-key.pem where 2048-bit is key size. The generated key format would be PEM. When you do not keep a passphrase for a private key, you should keep restrictions to server access as only admin persons should have access to the server. A private key with a passphrase will look as follow.

opensslgenrsa -des3 -out .key 2048

However, you can use the below command to decode the private key.

openssl rsa -text -in private-key.pem -noout

A decoded private key will look like a gibberish raw of characters that you can see below the image.

rsa private key example

How to create a CSR (certificate signing request) on OpenSSL?

After generating a private key, you should now generate a CSR on OpenSSL.

opensslreq -new -key .key -out .csr

NOTE: To directly access OpenSSL.cnf on the windows server, you can follow the below path.

opensslreq -new -key .key -config

“c:\Apache Software Foundation\Apache2.2\conf\openssl.cnf”-out .csr

Enter CSR Details:

After applying the OpenSSL command for CSR generation, it is time to enter CSR details.

  • Common Name: It is an FQDN (Fully Qualified Domain Name) you want to add and secure with the certificate. For example, https://www.clickssl.net
  • Organization: Here, you need to put your organization’s legal registered name.
  • Organization Unit (OU): The department from which the SSL request has been made like HR, IT, etc.
  • City or Locality: A city or locality where your business is located.
  • State or Province: A state where an organization is incorporated.
  • Country: A country in which an organization is legally incorporated. It should be a two-letter country code.

How To Generate CSR For Wildcard SSL Certificate In IIS 7?

Here, we have enumerated the CSR generation for the installation of Wildcard SSL on IIS 7.

IIS is an internet information server created by Microsoft for the use of the window. It supports HTTP, HTTPS, FTP, SMTP, and NNTP. It carries request filter, which rejects suspicious URL and thus reduces the attack. As we know, SSL certificates are the most trusted certificate all over the world.

Generate Certificate Signing Request (CSR)

Step #1: Open Internet Information Services (IIS) Manager and click on the name of the server in the connections column on the left and double-click on “Server Certificates”.

server certificates

Step #2: Go to the right in the Actions column, click on “Create Certificate Request”.

create certificate request

Step #3: Enter all of the subsequent information about your company and the domain you are securing and then click “Next”.

request certificate

Step #4: Allow the default Cryptographic Service Provider. Rise the Bit length to 2048 bit or higher. Click Next.

cryptographic service provider properties

Step #5: Browse the filename to save the request certificate and click Finish. You will require that contents of this file to enroll an SSL Certificate.

save your certificate

Request Certificate from Certificate Provider

Now, you have certificate signing request (CSR). Choose your Wildcard SSL Certificate and provide company information to verify your identity.

Comodo Positive SSL Wildcard

RapidSSL Wildcard

Comodo PositiveSSL Multi-Domain Wildcard

Our Cheapest Price $45.00/yr. $100.80/yr. $90.00/yr.
Buy Now Buy Now Buy Now
CA Price $239.04/yr. $192.37/yr. $383.04/yr.
Secure Unlimited Subdomains Unlimited Subdomains Multiple Domains & Its All Subdomains
Validation Type Domain Domain Domain
Issuance Time 10 Minutes 10 Minutes 10 Minutes
SSL Encryption 256-bit 256-bit 256-bit
Key Encryption 2048 bits 2048 bits 2048 bits
Server Licenses Unlimited Unlimited Unlimited
Google Rankings Boost Yes Yes Yes
WebTrust Seal Yes Yes Yes
Reissue Policy Yes Yes Yes
EV Support No No No
Wildcard Support Yes Yes Yes
SAN / UCC Support No No Yes
Browser Support 99% 99% 99%
OS Support Yes Yes Yes
Smartphone Support Yes Yes Yes
Warranty By CA USD $10,000 USD $10,000 USD $10,000
Refund Policy 30 days 30 days 30 days
Free Reissuance Yes Yes Yes
Support Yes Yes Yes
Buy Now Buy Now Buy Now

The certificate request process varies by Certificate Authority. Now, open the .txt file which contains the certificate request. Copy the encrypted certificate request and paste it in the appropriate field on the order form.

When you fulfill the certificate request form and endow it with payment, please check your email to get an SSL Certificate delivered by the certificate provider.

After generating your CSR, you will receive the certificate from the certificate vendor. Now you can proceed to install your certificate. Our next article will explain in detail How to Install Wildcard SSL Certificate in IIS 7.

 

We Assure to Serve

Leading Brands

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.