How can I renew SSL on IIS7 with No Downtime?
Generating a new CSR has no effect on the current certs. They will still be bound to the site and continue to be valid until they expire, or until you replace them with the new one.
This used to be an issue with IIS 6 but there is no risk of downtime with IIs 7. Just generate a new CSR, install it, and when you are ready to switch to the new certificate, change the site bindings. IIS will continue using the old certificate until you change the bindings.
Also, the extremely large CSR is generated from a bug in the IIs 7 renew process. You will just want to create a new CSR rather than using the Renew option.