SSL/TLS Part 2: How to Create and Configure a Certificate

In the first article, ‘How to use SSL/TLS to Secure Your Communications: The Basics‘, I wrote about what SSL/TLS was about.  In this new article, I will show you how to create and setup a certificate on IIS.

Create a certificate request:

1.      Open IIS and right-click on Default Web Site or the name of the website you want to create a certificate for

2.      Click on Server Certificate

3.      Click on Next in the Welcome to the Web Certificate Wizard

4.      Select Create a new certificate and click on Next

5.      Select Prepare the request now, but send it later and click on Next

6.      In the Namebox, enter a friendly name to use when referring to your certificate (or just leave the default name if you have only one website) and click on Next

7.      Enter your organization’s name

8.      In the Organizational unit box, you can enter Mail or Web, or leave it blank and click on Next

9.      In the Common name box, enter your Fully Qualified Domain Name (servername.yourdomain.com)

10.      If you are requesting a wildcard certificate, enter *.yourdomain.com

11.      Click on Next

12.      Enter your geographical information in the following screen, e.g., Country/State/City; click on Next

13.      Enter the File name of your certificate request and the path where you want to save the file; click on  Next

14.      Review the info provided in the File Summary and click on Next

15.      Click on Finish in Completing the Web Server Certificate Wizard

16.      Navigate to the path where you saved the certificate file (Step 13) and open it with a text editor (e.g., Notepad)

17.      Click on _<Ctrl+A>_to select and copy the content to your clipboard

18.      Go to your certificate provider’s website, e.g., Entrust,  VeriSign, DigiCert, etc., and copy/paste the text to the site when and where prompted

Install a Certificate

1.      Once you get your certificate repeat Steps 1 and 2 from above (i.e. open IIS, right-click the website and choose Server Certificate).  Select Process the pending request and install the certificate and click on Next.

2.      Locate the certificate your provider issued and click on Next

3.      Confirm that port 443is configured for HTTPS and click on Next

4.      Confirm the info that appears in the Certificate Summary then click on Next

5.      Click on Finish

6.      Verify that your website responds on https://your_site_address. If not, you might need to stop/start your website or better yet restart IIS.

That’s it! You are now ready to use your certificate.

References:

• How to use SSL/TLS to Secure Your Communications: The Basics