Fun with certificates

Posted on by Glenn

Good morning. I have had a few requests for an article on how to work with certificates, specifically the SSL variety. In this article we are going to walk through the whole process, from the CSR (Certificate Signing Request) to exporting a certificate. The process need not be a mystery any longer. So let’s get started.

The first step is to create the CSR. There are a couple ways to do this. In this article we will use IIS (Internet Information Services) to create the request. If you do not want to use IIS or do not have it installed, there is a very good article on using certreq.exe here.

  1. Launch IIS. Right-click the Windows icon in the bottom left corner and choose the run option. Type inetmgr and press enter.
  2. Click the name of the server on the left and then double-click Server Certificates in the middle section.

  3. Choose the option to “Create Certificate Request” from the actions pane on the right. This will launch the CSR wizard.

  4. Fill out the certificate information. The common name is the domain name that the certificate will be used for. You will want to change it and the other fields to match your needs. Once completed, click Next.
  5. By default the bit length is set to 1024 bytes. Change this to 2048 and click Next.

  6. Give it a filename and click Finish.

Now that the CSR is created it will need to be submitted to the 3rd party CA (Certificate Authority) of choice. Once that process is completed and a certificate file provided, the last step can be completed.

The last step is to complete the certificate request. You will want to launch IIS and go to Server Certificates as explained above. Then proceed with detailed steps below.

  1. Choose the option to “Complete Certificate Request” from the actions pane on the right. This will launch the Complete Certificate Request dialog.

  2. Provide the path to the certificate file received from the 3rd party CA, give it a friendly name and click OK.

At this point the certificate is installed and ready to use. If you want to know more about how certificates work be on the lookout for an upcoming post that goes into more detail. I will update this post with a direct link when that article is created.

I hope you have found this post useful. If you have anything you want to add or think I missed something, please use the comments section below. If you made it this far, thanks for reading.

Leave a comment