Install SSL Certificate: IIS 7
Follow these instructions to install your SSL server certificate.
-
Your SSL server certificate will be sent to you by email. The email message
includes the web server certificate that you purchased in the body
of the email message. Copy the certificate from the body of the email and paste
it into a simple text editor, such as Notepad.
- Save this as
yourdomain.cer on your desktop or other location
where you can find it later.
- Open the Internet Information Services (IIS) Manager.
From the Start button select Programs >
Administrative Tools > Internet
Information Services Manager.
- In the IIS Manager, select the server node on the top left under Connections
- In the Features pane (the middle pane), double-click the Server
Certificates option located under the IIS or Security heading
(depending on your current group-by view).
- From the Actions pane on the top right, select Complete
Certificate Request.
- On the Complete Certificate Request page browse to the SSL certificate file
yourdomain.cer that you saved from step 2. Don't worry if your file
saved as yourdomain.cer.txt, just change the Files of type drop down to browse for files
of type *.*.
- Next, type a friendly name for the certificate in the Friendly name box,
and then click OK. Something like www.yourdomain.com will do.
- Your SSL server certificate is now installed on your server and you should see it listed
in the Server Certificates view. Now you will need to configure your web site to
use the certificate.
- If you have only one web site it will mostly likely be listed in IIS 7 as
the Default web site. Select and right-click on the Default web site and select
Edit Bindings. If you only see 'http' under the Type column of the Web Site
Bindings dialog box click the Add button and select 'https' from the drop down
box under Type. Then select the name of the SSL certificate from the SSL certificate list
that you just installed and click Ok. Then click Close to complete the Edit Bindings wizard.
Test Your SSL Certificate
Test your SSL certificate by using a browser to connect to your server.
Use the https protocol directive. For example, if your
SSL was issued to secure.mysite.com, enter https://secure.mysite.com into
your browser.
Your browser's padlock icon will be displayed in the locked position if your certificate
is installed correctly and the server is properly configured for SSL.
|
CSR Legend
When generating your CSR you will be asked to input
a few pieces of info. Below are some common fields with descriptions and examples.
Common Name (CN)
The fully-qualified-domain name for your certificate. Examples include...
- www.domain.com
- owa.domain.net
- secure.domain.ca
- *.domain.com (for wildcard SSL)
Organization (O)
The exact legal name of your organization. Do not abbreviate your
organization's name. Example: Metro Realty LLC or Flowers by Jenny
Organizational Unit (OU)
The section or division of the organization. Example: Sales, Support, Customer Service
City or Locality (L)
The city where your organization is legally located. Cannot be
abbreviated. Example: Atlanta
State (S) or Province
The state or province where your organization is legally located. Cannot
be abbreviated.. Example: Georgia
Country (C)
The two-letter ISO Country Code abbreviation for your country. Example: US, CA, GB (must be two-letters)
Email
Any email address. This field is arbitrary but must be filled in. GeoTrust
will not use this email address to process your order. Example: user@example.com
Key Bit Length
The key bit length has to do with the initial key exchange, not the
encryption strength of your certificate. GeoTrust recommends a key bit length of at least 1024.
|