Breadcrumbs

Generate CSR by certreq Command Line Tool

  1. To make sure the Utimaco CryptoServer Key Storage Provider are listed, use below command

> cngtool EnumProvider

  1. Set up a template file

    1. Generate a request for an SSL certificate linked to a 2048 RSA key by creating a file called request.inf with the following information

    2. Specify the subject details of the IIS Server

    3. Specify the key algorithm and key length as required, for example, RSA 2048

    4. Specify the Provider name as Utimaco CryptoServer Key Storage Provider

    5. When you have set up the template successfully, save it as request.inf on the C:\ drive

request.inf

[Version]
Signature= "$Windows NT$"
[NewRequest]
Subject = "CN=utimaco.com,C=IN,ST=MH,L=testing,O=UtimacoCom,OU=IISServer"
HashAlgorithm = SHA256
KeyAlgorithm = RSA
KeyLength = 2048
ProviderName = "Utimaco CryptoServer Key Storage Provider"
KeyUsage = 0xf0
MachineKeySet = True
[EnhancedKeyUsageExtension]
OID = 1.3.6.1.5.5.7.3.1

  1. Open a command prompt and go to the local drive, in this case C:\

  2. To create the certificate request for the Certification Authority, execute the command:

> C:\ certreq.exe -new request.inf IISCertRequest.csr
CertReq: Request Created.

A certificate request called IISCertRequest.csr is generated and placed on the C:\ drive.