Install SSL Certificate IIS 7

Step 1: Install the SSL Server Certificate

1. Your SSL server certificate will be sent to you by email. The email message includes the server certificate that you purchased in the body of the email message. It will be labled "Server Certificate (public key)". It is also downloadable from your SSL Manager account (recommended). Copy the certificate from the body of the email and paste it into a simple text editor, such as Vi or Notepad (do not use MS Word).
   
   
2. Save this as public.cer on your desktop or other location where you can find it later.
3. Open the Internet Information Services (IIS) Manager. From the Start button select Programs > Administrative Tools > Internet Information Services Manager.
4. In the IIS Manager, select the server node on the top left under Connections
   
   
5. In the Features pane (the middle pane), double-click the Server Certificates option located under the IIS or Security heading (depending on your current group-by view).
   
   
6. From the Actions pane on the top right, select Complete Certificate Request.
   
   
7. On the Complete Certificate Request page browse to the SSL certificate file public.cer that you saved from step 2.
   
   
8. Next, type a friendly name for the certificate in the Friendly name box, and then click OK. Something like www.mydomain.com will do.
9. Your SSL server certificate is now installed on your server and you should see it listed in the Server Certificates view. Now you will need to configure your web site to use the certificate.

Step 2: Edit Server Bindings

1. If you have only one web site it will mostly likely be listed in IIS 7 as the Default web site. Select and right-click on the Default web site and select Edit Bindings.
   
   
   If you only see 'http' under the Type column of the Web Site Bindings dialog box click the Add button and select 'https' from the drop down box under Type.
   
   
   Then select the name of the SSL certificate from the SSL certificate list that you just installed and click Ok.
   
   
   Then click Close to complete the Edit Bindings wizard.

Troubleshooting/Testing

To verify if your certificate is installed correctly, use the GeoTrust Certificate Installation Checker.

Test your SSL certificate by using a browser to connect to your server. Use the https protocol directive. For example, if your SSL was issued to secure.mysite.com, enter https://secure.mysite.com into your browser.

Your browser's padlock icon will be displayed in the locked position if your certificate is installed correctly and the server is properly configured for SSL.

For IIS SSL troubleshooting, Microsoft has designed a tool - SSL Diagnostics - to aid in quickly identifying configuration problems in the IIS metabase, certificates, or certificate stores.

When attempting to install the certificate IIS returns this message:

Error: The pending certificate request for this response file was not found. This request may be cancelled. You cannot install selected response certificate using this Wizard.

The most common reason for this is that the certificate in the body of the email is corrupted. Assuming you haven't deleted the pending request, an easy fix is to download the certificate directly from your SSL Manager account and try to install again. If that doesn't work, or you have already deleted the pending request, you will need to generate a new CSR and have your certificate reissued.