Open IIS and navigate to server home and click on the server certificates icon.
In the actions pane, select create certificate request. Set the FQDN of the Web site in the common name and fill out the rest of the form.
Select the cryptographic provider and bit length.
Save the text file on the server’s desktop. Open the file and copy the entire CSR text to the clipboard.
Open a browser, navigate to ssls.com and log in. Click on CERTS and buy a positiveSSL certificate or any other certificate of your choice. Once it’s purchased, make sure to activate it by clicking on the MySSL icon, then on the activate button.
Enter the FQDN and click on the onwards button.
Click the Use My CSR tab (1) and enter your CSR data (from the copied text) into the CSR field (2).
Once you see the CSR looks great message, click on the onwards button.
Select the validation method (in this case receive an email) and select the email address where you wish to receive the validation confirmation email. Note: You will need to have access to admin, administrator or hostmaster email at the domain you are using.
You will soon receive an email from Sectigo Certification Authority. Follow the instructions to validate domain ownership.
Once you validate the domain, go back to ssls.com and download the SSL certificate.
Extract the zip file contents and you will see the security certificate which has a .crt extension.
From IIS click on complete certificate request from the actions pane.
Navigate to the extracted folder and change the file browser extension type from .cer *.* to view the .crt file.
The extracted .crt file should now appear in the view pane.
Select the file and click OK. In the certificate authority response, give your certificate a friendly name and click OK.
In the IIS connections pane, select the Web site and click on the bindings link in the actions pane.
Highlight the https host and click on the edit button.
From the drop-down box, select your newly minted certificate and click OK.
Open an elevated command prompt and type the command iisreset and press enter.
Once the command completes and the service restarts, your new certificate will take effect.