There are several ways to create a Certificate request (CSR) for SSL Certificates. There are a large number of tools that can help or assist you in this process.
This article is about how to create a certificate request (CSR) with the standard Windows tools and without using IIS.
At this point it is important to note that we should perform the entire process of creating a certificate on the same computer, because when the CSR is created, the private key of the future certificate is created on the same computer.
So let’s get started:
At this point you can continue with the public part of the certificate ordering process as before.
As mentioned at the beginning, it is important that at the end the final certificate is imported back to this computer. This way you can create a PFX with the private key included.
When creating Certificate requests (CSR’s) there are of course different requirements. Depending on the intended use, additional information must be included in the certificate or the encryption must be greater than 2048.
Please note that this article is about standard certificates.
How often we really have to go this way depends on the situation and the application.
With an Exchange Certificate for example, the CSR can be created directly by the Exchange Management Shell or the ECP.
Some of my customers use this path when creating certificates for the use of ADFS.