To add an SSL certificate to IIS in Windows Server 2008 R2
Its something that I really do without actually thinking about, simply get another certification and add it to the server so that the Site can load https:// instead of http:// I have used lots of different SSL suppliers, however I have discovered that the most reliable and easy to use is www.trustico.co.uk and their customer service and service is outstanding.
That I will attempt to create this as step-by-step as possible so that it’s easy to follow.
Part 1 — Making the certificate request
- Click on the host name on the left hand side and on Server Certificates
- On the right-hand-side of the server buy ssl certificate uk department, click on Create Certificate Request
- The Request Certificate wizard is shown. The Common Name is the site URL that you are likely to earn SSL. In this case, I’m creating a certification for a number of our systems.
There are two chief kinds of certification, single and wildcard. A single certification is for a single site (e.g. https://www.google.co.uk), a wildcard certification is for numerous sub-domains at precisely the exact same domain name (e.g. https://maps.google.co.uk AND https://places.google.co.uk… and as numerous other sub-domains since you can think of) without needing to purchase individual certificates for every sub-domain.
The single REALLY significant part of this is the common name.
Click on Next to continue Change the Bit length to 2048 or higher. A note of caution on this — should you change it to some very large bit length it usually means the quantity (size in kb) of all pages being shipped to and from the website is significantly increased, but is more secure.
You shouldn’t opt for any setting lesser than 2048. As of October 2013, all 1024-bit certificates are revoked and 2048 is the benchmark. Next we are picking somewhere to put the certificate request (just a plain text document ). I put this on the Windows Desktop for ease of obtaining in a few measures time.
Click on the… button to choose the location
Installing the certification on the server You ought to have an email from TrustICO (in this example it took 12 minutes to get to me) with the subject RapidSSL Fulfillment E-Mail [certificate name]
Scroll down the email till you get to the –BEGIN CERTIFICATE–part. I’ve (obviously) hashed out my certification for safety reasons.
Choose the complete certificate (like the start and end lines) and Copy it to the clipboard (Ctrl + C or Cmd+C).
Go back to the host (or even if you are already on it, then get into the desktop computer )
- On the server, Open Notepad Glue from the certification Click File, Save As and select the Desktop again (or if like me you have a Good Deal of certificates, create a folder to put them all in)
Give the certificate a name you will remember (I always place the years in so that I can differentiate between various years worth of certifications ).
IMPORTANT — there MUST be the expansion .cer at the end.
IMPORTANT — change the”Save As Type” to All Files (if you forget, It Is Going to include a .txt at the end of the document name, which you then have to remove to make it work)
- You should now see a certificate on your desktop (or the folder where you saved it) Open IIS and go to the Server Certificates item Click on Complete Certificate Request on the Ideal hand side
- Select Your certificate for the File Name box
IMPORTANT — Favorable Name — should you ordered a wildcard certificate it’s REALLY IMPORTANT that you put the frequent name of the certification as the friendly name (e.g. *.goodmorningpulse. co.uk)
In this circumstance, as it was one certificate, not a wildcard its good to give it a name so that you understand which is that on the listing.
Screen Shot 2013-09-12 in 10.15.15
IIS Parses the petition, and if effective (which it always needs to be in case you have created the certificate properly ) then it’ll add the certification to your record.
Component 4 — Binding the certification to the website
So you have your certificate on the server, and at this point you should tell your website to utilize it.
- On the left hand side, extend the Sites item in IIS
- Right-click on for, and then click Edit Bindings
Screen Shot 2013-09-12 in 10.24.35
- The website bindings are displayed. Click on Add
- Change the type and then Choose your certificate
Screen Shot 2013-09-12 at 10.25.48
Click on OK and then Click Close
- The website will now allow https connections! Its that simple!