This workaround will apply for Microsoft IIS 6 server that currently have certificates installed on their website, but a new CSR with a new key-bit length or different information in the Distinguished Name needs to be created.
Creating a temporary website allows you to keep the current certificate active on the site while another certificate request is pending. After installing the certificate on the temporary web site, it can be applied to the production web site. The private key will remain hidden on the windows system and website where the CSR request is made.
IIS 6 Server , has been known to not understand this Algorithm. Installing a SHA2 certificate on your outdated system may not work. You may have to contact Microsoft for the best possible resolution. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.
Generation of Dummy Website: However, you will need to specify a path. The directory you select is completely arbitrary and will not affect the CSR generation. In the below example, the C: The temporary web site does not need to be started for this process. On the Name and Security Setting page perform the following.
This will help you identify the certificate if multiple certificates are installed. For the bit length, specify Ignore the Cryptographic service provider CSP for this certificate. On the Organization Information page of the wizard specify the following. DO NOT accept these if they are not valid. Specify the full legal name of your company. Specify the domain name of your website.
Ip addess and internal server names do not qualify. On the Geographical Information page of the wizard specify the following. The Locality field is the city or town name, for example: Spell out the state completely; do not abbreviate the state or province name, for example: Use the two-letter code without punctuation for country, for example: In the Certificate Request File Name page of the wizard perform the following.
Within the contents of this file is your CSR you will copy and paste its contents into your enrollment processing form when enrolling for a CA certificate. Upon completing the Certificate Wizard, it is important to leave the request pending for successful certificate installation on the website. Doing so will prevent installation of the certificate that is returned. Use a plain text editor such as Notepad, paste the content of the certificate and save it with extension.
Processing the pending request on the Dummy Website: