In order to obtain an SSL Certificate, first you have to generate a private server key and CSR. IIS has a built-in tool that can be used to do this.
Open the IIS Manager from Windows Start >Administrative Tools>IIS Manager.
In the IIS Manager Connections pane, click the server name, and then and double-click the Server Certificates icon in the main pane.
In the Actions pane, choose Create Certificate Request…
Enter the requested information:
Common name must be set to the URL that clients will type into their browsers to access the MassTransit web interface, for example: name.company.com.
Enter your Organization’s name and your organizational unit.
Enter your City/locality. This must be specified as the official name and it cannot be abbreviated.
Enter your State/province. This must be specified as the official name and it cannot be abbreviated.
Select your Country/region.
Click Next.
Select a Cryptographic service provider from the drop down menu.
Select a Bit length from the drop down menu. The bit length should be set to the desired encryption level. 1024 is standard; 2048 is becoming increasingly popular. Click Next.
Specify a file name for the certificate request, and then click Finish. By default, the generated request is stored in C:\Windows\System32\filename.txt.
Next, you must have the certificate request signed by a Certificate Authority such as Verisign or Thawte.
Once you have the signed certificate, you must install it to the server from which the Certificate Request was generated. To do so:
In IIS Manager Connections pane, click the server name, and then double-click the Server Certificates icon in the main pane.
In the Actions pane, choose Complete Certificate Request…
Use the … button to navigate to the signed certificate file.
Enter a Friendly name. The friendly name is not part of the certificate, but helps the server administrators to easily distinguish the certificate. Click OK.
Now you can use this certificate to configure SSL for IIS.