fbpx
Back to menu

Certificates

Certificates

Server Certificates
  • SSL/TLS Certificates

    SSL/TLS certificates encrypt information, verify identity, and strengthen consumer trust. We offer a range of certificates that cover every security need.

Software & App Certificates
  • Code Signing Certificates

    Code Signing removes the “Unknown Publisher” security warning and identifies the publisher of a piece of software or an application.

Email Certificates (S/MIME)
  • PersonalSign Certificates

    Secure your emails by applying a digital signature, encrypting your email content, or a combination of both.

Document Certificates
  • Document Signing Certificates

    Digital certificates that can be used to sign or seal digital documents like Adobe PDF files or Microsoft Office files.

Qualified Certificates
  • PSD2 Certificates

    As one of very few European providers, we offer QWAC and QSealC certificates that comply with eIDAS and PSD2.

Back to menu

Solutions

Our solutions

⚡ Discovery Tools
  • ⚡ SSL360®

    Our brand-new discovery tool SSL360™ provides total visibility and control of public-facing digital certificates across your organization: Inventory, track, monitor, and renew your certificates — all in one place!

Certificate Management

Our full range of certificate management solutions covers every need — from individual customers and startups needing one or two certificates and up to large companies looking for enterprise-grade solutions:

  • Customer Portal

    Advanced, on-demand certificate management.

  • Managed SSL

    Optimized for professional use, Managed SSL is designed around enterprise-specific security requirements.

  • Certificate Manager

    Certificate Manager fully automates the entire certificate management workflow.

  • Managed S/MIME

    For enterprise organizations looking to implement an enterprise-wide, secure email solution.

  • AppviewX Cert+

    The certificate and key lifecycle automation platform. Prevent outages and ensure constant network availability by gaining full visibility into and control over your PKI.

High-Volume Document Signing
  • Digital Signing Service

    Our cloud-based digital Signing-as-a-Service solution providing companies and organizations with an easy-to-deploy and cost-effective way to add digital signatures to their existing workflows.

eIDAS
  • eIDAS and PSD2 certificates

    As one of very few European providers, we offer QWAC and QSeal certificates that comply with eIDAS and PSD2.

SSL Certificate reseller

Want to expand your revenue stream and provide your customers with top-notch online security? Look no further than becoming a Trustzone SSL Certificate reseller partner.

Back to menu

Support

Our Support

Our Support and Service

Our first-class customer service and support is the core of our business. Read more about what we offer here.

Contact Support

Our friendly support team is ready to help you!

Knowledge Base 💡

Our collection of support content: How-to guides, Roots, Intermediates, and FAQs.

Certificate Tools

Our CSR/Certificate decoding tool with intermediate fetching

📈 Most Viewed:

How to enable TLS 1.2 on Windows Server 2008/2016

Read more
Back to menu

Insights

Insights

Articles

Occasionally, we share our take on the world of PKI and SSL/TLS encryption and authentification. Read our articles here.

Customer case stories

More than 3,000 companies have already trusted us with their certificates. Read about a couple of them here.

Events and live webinars

Sign up for one of our live webinars or product demos. We look forward to seeing you!

Back to menu

About

About

News

From time to time, new regulations and developments affect the PKI and SSL/TLS realm. Read our news updates about that here.

About Us

Our founders Jacob and Henrik started TRUSTZONE more than 15 years ago. Read more about our story here.

Our Partners

Our partnerships are an important part of our story and our business. Read more about our partners here.

Cookies & Privacy Policy
General Terms of Sale and Delivery
Support Service Level Agreement
Careers at TRUSTZONE
CSR
Contact Us
  1. Home
  2. Knowledge Base
  3. SSL Certificate Guides
  4. Generate CSR
  5. Microsoft IIS Web server
  6. How to generate a CSR for a Microsoft IIS 10 web server (ECC)

How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


Follow the instructions in this guide to use IIS 10 to create an Elliptic Curve Cryptography (ECC) Certificate Signing Request (CSR).

  1. In the Windows start menu, type MMC and open it:

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  2. In MMC, go to File -> Add/Remove Snap-In:

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  3. Choose the Certificates snap-in and click Add:

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  4. Choose Computer account (to manage certificates system-wide):

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  5. Choose Local Computer, click Finish and press OK to exit the snap-in window:

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  6. In the MMC window, expand the following section Certificates (Local Computer) -> Personal -> Certificates

  7. Right-click the Certificates folder and select All Tasks > Advanced Operations > Create Custom Request…

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  8. Click Next on the Certificate Enrollment window

  9. Choose Proceed without enrollment policy. Click Next:

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)

  10. Choose CNG Key and the PKCS#10 (these should be the default choice):

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  11. Expand the Details section of the custom request and click Properties:

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  12. On the General tab, fill out a Friendly name and Description. These options are for certificate identification in places like IIS & Exchange. This information does not get vetted or appear on the certificate itself

  13. On the Subject tab, you can specify various fields to appear in your CSR. Select the field you wish to populate from the drop-down menu, enter a value, and click Add

  14. Repeat this for each additional field you wish to specify. At a minimum for a Domain Validated certificate, you should have Common Name and Country If you are ordering a Business certificate please specify Common Name, Country, Organization:

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  15. Skip to the Private Key tab and expand the Cryptographic Service Provider. Uncheck the first box for RSA, Microsoft Software Key Storage Provider. Choose one of the ECDSA boxes for an ECC provider. In this instance, the P256 curve is chosen (this is the most common):

    Guide on How to Generate a CSR for a Microsoft IIS 10 Web Server (ECC)


  16. Next, expand the Key Options section. Here you can set the key size (Please set it to a minimum of 256). You can also mark the key as exportable, this is needed if you want to install the certificate on other devices.

  17. Click Apply, then click OK

  18. Click Next to continue the Certificate Enrollment process

  19. Lastly, choose the Base 64 option and click Browse to choose a location for your CSR.

 

Get in touch with us for a non-binding quote

We will contact you as soon as possible.

* Please use a work email address to register

Follow us on LinkedIn to get the latest updates, news and insights.

Was this article helpful?

Yes No