After submitting your Certificate Signing Request (CSR) and receiving your SSL certificate from a Certificate Authority (CA), the next step is to complete the certificate request in IIS. This process installs the SSL certificate onto your Windows server.
This guide applies to IIS 7, IIS 8, IIS 10, and newer versions.
A valid SSL certificate file from your CA (typically .crt or .cer format).
The private key must still exist on the server (from the original CSR).
Administrative access to the server and IIS Manager.
Open IIS Manager
Press the Windows key, type inetmgr, and press Enter.
Select the Server Node
In the Connections pane (left side), click the server name (not a specific website).
Open Server Certificates
In the Features View, double-click Server Certificates.
Complete the Certificate Request
In the Actions pane, click Complete Certificate Request…
Provide Certificate File Details
File name: Browse to and select the .cer or .crt file received from your CA.
Friendly name: Enter a recognizable name for the certificate (e.g., example.com SSL 2025).
Note: This name is for internal use only and does not affect certificate functionality.
Select certificate store: Choose Personal (default).
Click OK
If successful, the certificate will appear in the list of server certificates.
If the certificate does not appear, double-check:
The certificate file matches the original private key generated during CSR.
The certificate is not corrupted or incomplete.
🧠 Tips
If you see an error like “The specified file is not a valid certificate”, it usually means:
The certificate doesn’t match the original CSR/private key.
You’re using the wrong file type — make sure it's .cer or .crt.
For wildcard or multi-domain certificates, ensure the Common Name (CN) or Subject Alternative Names (SANs) match the site bindings.
