Because of the new structure in IIS 7 manager interface, there is a little change in how CSR is being generated.
Follow the steps below to generate a Private Key and CSR in IIS 7.0 and above:
1. Log on to the server with the administrator account or an equivalent account.
2. Open the Internet Information Services (IIS) Manager. From the Start button select Programs > Administrative Tools > Internet Information Services Manager or Open Run and enter “inetmgr“.
3. In the IIS Manager, select the server node on the top left under Connections.
4. In the Features pane (the middle pane), double-click the Server Certificates option located under the IIS or Security heading.
5. From the Actions pane on the top right, select Create Certificate Request. The Distinguished Name Properties dialog box will open.
6. Enter your site’s Common Name. This is the fully-qualified-domain name for your web site or application. Ensure that this is the correct name and there is no whitespace in between or at the end of the name. Enter your Organization, Organizational Unit, City/Locality, State/Province and Country/Region. Click Next.
7. Select Microsoft RSA Channel Cryptographic Provider as the Cryptographic service provider.
8. Select bit length. This depends on the encryption level you are looking for, but in my case I always use 2048-bit length. Click Next.
9. In the Certificate Request File Name box, enter the path and file name where you want to save your CSR.
10. Click Finish to complete the certificate request (CSR) Wizard.
11. The final step is to send the CSR to the Certificate Authority that will sign the Certificate if it is going to be signed by a third party. Most of these third parties have tool that can be used to submit the CSR for signing.