With increasing minimum requirements in SSL security, many — if not all — SSL certificate issuers are requiring that 2048-bit CSRs be used to generate new certificates.
If your website on an IIS server is already using a certificate, there is no way to generate a new cert with any options changed from the current cert. In order to generate a new CSR with 2048-bit encryption to replace your current 1024-bit cert, you need to either remove the server’s current cert (rendering the site insecure), or create a new website and generate the CSR from it.
Microsoft Support has an article describing the section option.
This article describes how you can create a new certificate signing request (CSR) or generate a renewal request without having to remove the existing certificate from your Web site.