To generate a Certificate Signing Request (CSR) for Windows SharePoint you will need to create a key pair for your server, the public key and private key. These two items are a digital certificate key pair and cannot be separated. On Windows type systems PFX/PKCS12 requests are made, and are stored on the system. The private key will remain hidden on the windows system where the CSR request is made.
In order to generate this CSR keypair and set up the services for SharePoint, Windows Internet Information Services (IIS) is used.
To generate a CSR on Windows IIS 7 & 7.5 for SharePoint 2010 perform the following.
Step 1: Generating your CSR:
- Choose Start > Administrative Tools > Internet Information Services (IIS) Manager.
- In the IIS Manager, choose your server name.
- In the Features pane (the middle pane), double-click the Server Certificates option located under the Security heading.
- From the Actions pane, click Create Certificate Request.
- Specify the required information:
- Common Name (CN): The Common Name is the Host + Domain Name. It looks like “www.company.com” or “company.com”
- Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll, for example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
- Organizational Unit (OU): This field is the name of the department or organization unit making the request.
- Locality or City (L): The Locality field is the city or town name, for example: Boston.
- State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California.
- Country Name (C): Use the two-letter code without punctuation for country, for example:
US or CA.
- Click Next.
- Choose cryptography options. leave at default, Microsoft RSA SChannel Cryptographic Provider.
- From the Bit Length drop down select 2048.
- Click Next.
- Click the box with the 3 periods.
- Specify a file name for the certificate request to a location and directory of your choosing.
- Click Finish.
Your CSR request has been created and is ready for you to copy and paste its contents into the enrollment portal.
If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.
For installation instructions please visit our article Microsoft SharePoint 2010 – SSL Installation
For more information refer to Microsoft