To generate a Certificate Signing Request (CSR) for Server 2003 – IIS 6 you will need to create a key pair for your server the public key and private key. These two items are a digital certificate key pair and cannot be separated. On Windows type systems PFX/PKCS12 requests are made, and are stored on the system. The private key will remain hidden on the windows system where the CSR request is made.

Note: All certificates issued by a Certificate Authority must be SHA2/SHA256 algorithm due to industry standards by governing entities. IIS 6 Server 2003, has been known to not understand this Algorithm.  Installing a SHA2 certificate on your outdated system may not work. You may have to contact Microsoft for the best possible resolution.

Note: Microsoft ended support for Windows Server 2003 IIS 6 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.


Note: If you are Renewing a certificate on the Website for Server 2003 IIS 6 you will want to follow the instructions in this article IIS 6 CSR Instructions for Renewals


To generate a NEW CSR on Windows Server 2003 – IIS 6  perform the following.

Step 1: Generating your CSR:

  1. Under Administrative Tools, open Internet Services Manager.
  2. Open the Properties window by right-clicking on the name of the web site to be secured.
  3. Click the Directory Security tab.
  4. Click Server Certificate in the Secure communications section.
    If this option has not be used before the Edit button will not be active.
  5. Select Create a new certificate
  6. Select Prepare the request now, but send it later.
  7. Specify a friendly name for this certificate.  This will help identify the certificate if
    multiple certificates are installed.
  8. For the bit length, specify 2048.
  9. Click Next.
  10. Provide the Organization and the Organizational Unit information and click Next.
    • Organization (O): If the company or department has an &, @, or any other symbol using the
      shift key in its name, spell out the symbol or omit it to enroll.
    • Organizational Unit (OU): This field is the name of the department or organization unit making the request.
  11. Provide the Common Name and click Next.
    • Common Name (CN): The Common Name is the Host + Domain Name. It looks like “www.company.com” or “company.com” If you are enrolling for a wildcard certificate specify * in the sub domain. Example: *.doman.com
  12. Provide the Geographical Information for the Organization and Click Next.
    • Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
    • State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California
    • Locality or City (L): The Locality field is the city or town name, for example: Mountain View.
  13. Click Browse. Specify a file name and location to save the CSR. This CSR will be needed in order to enroll for an SSL certificate.
  14. Click Next.
  15. Confirm the CSR Summary Information.  Click Next > Finish.
  16. A CSR file has been generated.  To copy and paste the information into the enrollment form, open the file in a text editor that does not add extra characters (Notepad or Vi are recommended).Note: Upon completing the Certificate Wizard, it is important to leave the request pending for successful certificate installation on the website. DO NOT delete the pending request from the Certificate Wizard on the website. Doing so will prevent installation of the certificate that is returned.

Your CSR request has been created from your Server 2003 – IIS 6 system and is ready for you to copy and paste its contents into the enrollment portal.

If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.

Windows Support

For more information refer to Microsoft

For Server 2003 IIS 6 – certificate installation instructions click here


About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a Symantec Website Security Solutions Authorized Distributor and a Platinum Partner. Acmetek offers all 4 Brands of SSL Certificates,Symantec,Thawte, GeoTrust and RapidSSL.Offering Norton Shopping Guarantee that inspires trust and increases online sales with a 20x ROI Guarantee.

Contact an SSL Specialist to buy your SSL Certificates from Acmetek, a Symantec Strategic/Platinum Distributor.

Become a Partner and create additional revenue stream while the heavy lifting for you.