12.9. Obtaining and Installing SSL Certificates

Problem

You want to obtain a server certificate from a Certificate Authority (CA) and install it on your IIS computer to enable SSL on a web site.

Solution

Using a graphical user interface

To obtain a certificate from a third-party CA and install it on a web site named MTIT Corp, first generate a certificate request as follows:

  1. Open Internet Information Services (IIS) Manager.

  2. In the left pane, expand the MTIT Corp web site, right-click on the site, and select Properties.

  3. Select the Directory Security tab.

  4. Click the Server Certificate button to start the Web Server Certificate Wizard and click Next.

  5. Select Prepare the request now but send it later and click Next.

  6. Type the name of the web site (in this example, MTIT Corp) and click Next.

  7. Leave the bit length at 1024 or choose a higher value if desired for greater security and click Next.

  8. Type the name of your organization and organizational unit (e.g., department or division) and click Next.

  9. Type the DNS name of your web site and click Next.

  10. Type the specified geographical information and click Next.

  11. Save your certificate request file as C:\certreq.txt.

To submit your certificate request to a third-party CA such as Verisign, do the following:

Go to the CA's web site (e.g., http://www.verisign.com) and follow instructions for submitting your certificate request to obtain a server certificate. Typically, you will have to paste the contents of your certreq.txt file into a form as part of the process. ...

Get Windows Server Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.