Phone: (480) 722-1227
Toll Free: (888) 722-1227
SSL Certificate Installation in Microsoft IIS 7
Last Post 27 Dec 2012 06:13 PM by SuperUser Account. 0 Replies.
Printer Friendly
Sort:
NextNext
You are not authorized to post a reply.
Author Messages
SuperUser AccountUser is Offline
Basic Member
Basic Member
Posts:138

--
27 Dec 2012 06:13 PM  

Installation:

  1. Open the ZIP file containing your certificate. Save the file named your_domain_name.cer to the desktop of the web server you are securing.

  2. Click on Start, then Administrative Tools, then Internet Information Services (IIS) Manager.

  3. Click on the server name.

  4. From the center menu, double-click the "Server Certificates" button in the "Security" section (near the bottom of the menu).

  5. From the "Actions" menu (on the right), click on "Complete Certificate Request." This will open the Complete Certificate Request wizard.

  6. Browse to your_domain_name.cer file that was provided to you by DigiCert. You will then be required to enter a friendly name. The friendly name is not part of the certificate itself, but is used by the server administrator to easily distinguish the certificate.

  7. Clicking "OK" will install the certificate to the server.

    Note: There is a known issue in IIS 7 giving the following error: "Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created." You may also receive a message stating "ASN1 bad tag value met". If this is the same server that you generated the CSR on then, in most cases, the certificate is actually installed. Simply cancel the dialog and press "F5" to refresh the list of server certificates. If the new certificate is now in the list, you can continue with the next step. If it is not in the list, you will need to reissue your certificate using a new CSR (see our CSR creation instructions for IIS 7). After creating a new CSR, login to your DigiCert account and click the re-key button for your certificate.

  8. Once the SSL certificate has been successfully installed to the server, you will need to assign that certificate to the appropriate website using IIS.

  9. From the "Connections" menu in the main Internet Information Services (IIS) Manager window, select the name of the server to which the certificate was installed.

  10. Under "Sites," select the site to be secured with SSL.

  11. From the "Actions" menu (on the right), click on "Bindings." This will open the "Site Bindings" window.

  12. In the "Site Bindings" window, click "Add..." This will open the "Add Site Binding" window.

  13. Under "Type" choose https. The IP address should be the IP address of the site or All Unassigned, and the port over which traffic will be secured by SSL is usually 443. The "SSL Certificate" field should specify the certificate that was installed in step 7.

  14. Click "OK."

  15. Your SSL certificate is now installed, and the website configured to accept secure connections.

    To enable your SSL certificate for use on other Windows servers, see our PFX export instructions for help.

Troubleshooting:

  1. If your web site is publicly accessible, our SSL Cert Tester tool can help you diagnose common problems.

  2. Open a web browser and visit your site using https. It is best to test with both Internet Explorer as well as Firefox, because Firefox will give you a warning if your intermediate certificate is not installed. You should not receive any browser warnings or errors. If you immediately receive a browser message about the site not being available, then IIS 7 may not yet be listening on port 443. If your web request takes a very long time, and then times out, a firewall blocking traffic on TCP port 443 to the web server.

  3. Note for ISA servers: If your ISA 2004 or 2006 server is not sending the intermediate certificate, you need to fully reboot the server. We have confirmed this to be true with many customers: ISA server will not properly send the intermedate certificate chain until after a full reboot.

You are not authorized to post a reply.

Active Forums 4.2
Vigilant Technologies
Vigilant Technologies is a certified 8(a), Veteran Owned company headquartered in Chandler, Arizona. We provide products, services and enterprise-wide integration of innovative IT solutions to commercial, Federal, State and Local government clients. Our Leading edge services include Private/Hybrid Cloud, Server Consolidation, Visualization implementation, and Infrastructure Management.
Engage with us
Copyright 2006 - 2013 Vigilant Support   |  Privacy Statement  |  Terms Of Use