CONTENTS

IIS and Server: Installing a Certificate

1. Installing an Issued Certificate. Once you have been issued a certificate you can download and install it on your Web server. This will then be issued to each visitor that connects to your site using https.

Browse to the address of your CA, http://%server name%/certsrv and select View the Status of a Pending Certificate Request.



There may be multiple certificate requests pending. If this is the case you will see multiple requests and must select your request, which is where having your conformation information is helpful. Select your request to continue.



You can download the certificate using either of the encoding methods and save the file to your hard drive. For the tutorial the Base-64 encoded option was used. Select Download Certificate to begin the download.



After downloading the SSL certificate go back to the IIS Manager. If you closed it you can open it by click on the Start menu and going to Administrative Tools and selecting Internet Information Services Manager. Once opened right click the Default Web Site and select Properties.



Select the Directory Security tab and click the Server Certificate button to start the Web Server Certificate Wizard.



Click Next on the initial Welcome screen and select Process the Pending Request and Install the Certificate. Click Next to continue.



You now need to provide the certificate wizard with the SSL certificate you downloaded. Browse to the location of the SSL certificate you save to your hard drive and select it. Click Next to continue.



Enter the SSL port that the website will use. By default the port is 443, which you you can use and click Next to continue.



You will now be presented with a screen summarizing your choices, which you must confirm before the installation of the certificate can being. If any changes need to be made you can use the Back button otherwise click Next to install the SSL certificate.



To verify that your SSL certificate is installed correctly open a web browser and navigate to https://<your server name>/. Since the certificate you installed was signed by an unknown CA you will be presented with a warning where you can choose a number of certificate options. The default selection is to accept the certificate for this session only, which is fine. Click OK to accept the certificate and you should see the Default Web Site's home page. If you obtained your certificate through a trusted CA this warning message would not appear.