Request a certificate for an IIS web server

By /


Request a certificate for a web server

Before you can use SSL, you have to first install a certificate on your IIS
web server.


  • In IIS, right-click on the site you want to secure
  • Select Properties
  • On the Directory Security tab, click Server Certificate
  • Click Next and select Create A New Certificate
  • Select Prepare The Request Now, But Send It Later
    and click Next
  • Type a name for the certificate and bit length, and then click Next.
  • Type your organizational name and organizational unit in the box provided
    and click Next.
  • Enter your Web server name and click Next.
  • In the next dialog box, provide some geographical information and click
    Next.
  • Enter the location and the name for the certification request, then click
    Next.
  • Verify the information and click Next, and then click Finish.
If
you use Microsoft’s CA server, use these steps to issue the certificate.

  • Open Internet Explorer and type “CAserverName/certsrv”
  • Select Request A Certificate and click Next
  • Select Advanced Request and click Next
  • Select Submit A Certificate Request Using A Base64 Encoded
    PKCS #10 File     or A Renewal Request Using A Base64
    Encoded PKCS #7 File     and then click Next.
  • Open the certificate request file you created previously, copy and paste its
    contents into the form provided, and click Submit.

Accept the request and issue the certificate


  • In the Administrative Tool folder, open the Certification Authority console, and select Pending Requests
  • Right-click the pending certificate, select All
    Tasks    , and select Issue

Retrieve the certificate from your CA server


  • In IE type “CAserverName/certsrv”
  • Select Check On A Pending Certificate, and click
    Next.
  • Select the certificate and click Next
  • Select DER Encoded, and click Download CA Certificate
  • Select a folder in which to store the certificate, and click Save

Import the certificate into IIS


  • Go back to the Internet Services Manager console
  • Right-click the site and select Properties
  • In the Directory Security tab, click Server Certificate
  • Select Process The Pending Request And Install The
    Certificate     and click Next.
  • Type the path to the CA response file you saved and click Next
  • Verify the information and click Next, and then click Finish.

Enable SSL


  • Click Edit, select Require Secure Channel (SSL).
  • For additional security select Require 128-bit
    Encryption
  • Click OK and close all dialog boxes.

Additional info : Microsoft’s Step-by-Step Guide to Certificate Services Web Pages

About The Author

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top