Creating the CSR:

Everything you need to know is here:

Create a CSR with SHA256 signature algorithm

Importing the certificate:

Save the certificate to a .cer file somewhere you can easily find it, and add it using ‘complete certificate request’ from IIS Manager’s Server Certificates section. You may (will) find that although the certificate imports apparently successfully, it will vanish if you navigate away and come back. Oops. That’s because the private key on the certificate isn’t in place properly; there’s a utility to fix that. See here:

http://www.entrust.net/knowledge-base/technote.cfm?tn=7905

Doing that should make the certificate come back when you browse to it in IIS7.0 and you can now select it when setting the bindings against a website.

Archives