Microsoft Internet Information Server (IIS) 4.0

Follow these instructions to generate a CSR for your Web site. When you have completed this process, click the "close" button below to close this window and continue to the next step.

You must have Service Pack 4 or highter or MS Internet Explorer 5 and higher

1. Open the Key Manager. Go to the Key menu and select Create New Key

2. Select Put the request in a file that you will send to an authority. Enter a file and path in the text box that you will remember.
   Example: C:\NewKeyRq.txt.
   Click Next.

3. Enter your key name as specified in the previous step. Enter and confirm a password.

Warning: If you lose the password, you must purchase another certificate.

4. When creating a CSR you must follow these conventions.
   
   Enter the Distinguished Name Field information.
   
   The following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?&.

   Distinguished Name Field Explanation

   
   

   1. Common Name
      The fully qualified domain name for your web server. This must be an exact match.
      example: If you intend to secure the URL https://www.geotrust.com, then your CSR's common name must be www.geotrust.com.

   2. Organization
      The exact legal name of your organization. Do not abbreviate your organization name.
      example: GeoTrust Inc.

   3. Organization Unit
      Section of the organization
      example: Marketing

   4. City or Locality
      The city where your organization is legally located.
      example: Atlanta

   5. State/Province
      The state or province where your organization is legally located. Can not be abbreviated.
      example: Georgia

   6. Country
      The two-letter ISO abbreviation for your country.
      example: US = United States

   7. Administrator Name
      Contact Name
      example: John Smith

   8. Email Address
      Contact Email
      example: john.smith@geotrust.com

   9. Phone Number
      Contact Phone
      example: 555-555-1212

5. After you close out of the key manager, click on Yes to Commit all Changes.

Warning: If you do not click yes, your private key will not be saved and your certificate from GeoTrust will not install.

6. Submit your CSR to GeoTrust by clicking on Continue, you will be asked to complete the agreement and the enrollment form as well.

Note: Remember to back up your key pair file.

Backing up your key pair file

Unlike other files, key pair files cannot just be copied. To create a back up, you must "export" your key. To restore your certificate, you must "import" your key.

This process assumes identical web server configurations are used for exporting the key as well as for importing the key. So both servers must be IIS. You can't go from one type of server to another.

Exporting your key (This will be your pending request)

1. Open your Microsoft Management Console via the IIS Internet Service Manager.

2. Click to open the Key Manager.

3. Select the key to be exported. (The key with the slash)

4. Select the Key menu and choose Export Key Backup File. Click OK in the Key Manager Warning box.

5. Specify the destination for saving your key, press OK.

6. Close your Key Manager and Management Console windows.

7. Please remember your password that was used to install your certificate. You will need this password if you ever need to recover your certificate through the import process.

8. Submit your CSR to GeoTrust by clicking on Continue, you will be asked to complete the agreement and the enrollment form as well.