Microsoft IIS 4.0 Support
During the online enrollment process you will be required to provide Entrust Certificate Services with a Certificate Signing Request (CSR).
This encrypted data is generated from your IIS 4.0, and contains information about your company and web server.
It is important to review this guideline, as Entrust Certificate Services will use this information to generate your certificate.
To generate your Key Pair and Certificate Signing Request (CSR):
- Launch the Microsoft Management Console (MMC).
Select Start /Programs/ Windows NT.0 Option Pack/ Microsoft Internet Information Server/ Internet Service Manager - Locate and Highlight your web site from the left preview pane.
- Select the Key Manager icon from the toolbar.
- Expand Local Computer. Ensure WWW is selected/ highlighted.
- Select Key from the toolbar menu.
- Select Create New Key. The Create New Key Wizard is launched.
- Select Put the request in a file that you will send to an authority and enter a name for your Certificate Signing Request (CSR) file.
Select Next. - Supply a friendly name and a password for your new Private Key.
It is very important that you remember this password. If you forget it you will not be able to gain access to your Private Key.
Select a bit length value for your new Private Key. It is recommended that you choose a 1024-bit key if that option is available.
Select Next. - Supply the name of your company or organization in the field provided. This information should reflect the legally registered name of your company or organization.
This organization must own the domain name that appears in Common Name (CN) of your web server.
Do not use the following characters in any of the fields in the Create New Key Wizard: > < ! @ # $ % ^ * ( ) ~ ? / \.
If relevant, supply the name of your division or department in the Organizational Unit field provided.
Supply the Common Name (CN) of your web server in the field provided. This name must be identical to the fully qualified domain name of the web server for which you are requesting a certificate.
- If the web server name does not match the common name in the certificate, some browsers will refuse to establish a secure connection with your site.
- Do not specify the protocol (http://), any port numbers or pathnames in the Common Name (CN).
- Do not use wildcards such as * or ?.
- Select your Country from the available pull-down menu.
- Supply your State/Province information in the field provided.
Do not use abbreviations in any of the fields. - Supply your City/Locality in the field provided.
Select Next. - Supply your Name, Email address, and Phone number in the fields provided.
Select Next.
Select Finish
Select OK to complete the generation of your Certificate Signing Request (CSR). - Before closing the Key Manager:
Select Computer from the toolbar menu.
Select Commit Changes Now to save your information.
Select Yes when prompted with the dialogue alert.
You have successfully created your Private Key and Certificate Signing Request (CSR). You may safely close the Key Manager and Microsoft Management Console (MMC).
![[Certification Authorities - Webtrust - Deloitte]](/images/cert_services/deloitte_seal_sm.jpg)
