Solved

Self Signed Certificate in IIS6

Posted on 2003-11-23
7
34,778 Views
Last Modified: 2011-08-18
Does anyone know how to create and install a self-signed secure transaction certificate for IIS6?

I'm running Windows XP Professional and need it in order to add realism the situation of a project I'm designing for a degree.
0
Comment
Question by:SurfingHamster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 4

Accepted Solution

by:
af500 earned 125 total points
ID: 9814269
This says for IIS 5.0, but it works for IIS 6.0 as well.

Grab a copy of openssl

Then:
1. Go into IIS - Secured Directory - Server Certificate and request a certificate for your domain. This gives you c:\certreq.txt.

2. Go into mmc.exe and under REQUESTS export the request including private key as
PKCS12. Take off strong encryption. Enter a passphrase twice. This will create c:\yourfile.pfx

3. Run openssl against yourfile.pfx:
openssl pkcs12 -info -in yourfile.pfx -nodes

This will give you your private key, cut n paste it into a new file priv.txt
openssl req -x509 -key priv.txt -in certreq.txt > cert.txt

4. Go back into IIS and finish off the cert request using cert.txt. Turn on
port 443 for the site...

0
 

Author Comment

by:SurfingHamster
ID: 9814610
Thanks for that, but I already found a way of doing it - really easily in fact!

I simply browsed to Microsoft's website and downloaded the IIS Resource Kit for Windows XP and Windows 2003.

There's a selfcert utility included which allows easy creation of keys; it even installs them for you!

I'll award you the points, though, for your efforts! :)
0
 

Expert Comment

by:vukko
ID: 11942066
instead of awarding points, how about posting the URL?
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Expert Comment

by:icesoftware
ID: 11950983
Hi there everybody!

I had the same problem and here is what I found out.

You can download IIS 6.0 Resource Kit Tools from:

http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&displaylang=en

Just create a virtual site (or use one that you already have) setting it up for SSL. Basicly, you have to set the SSL Port to 443 in the mmc that manage IIS 6.0 and then go to the Directory Security tab and enable the use of the SSL channel (I advice to require 1024 bits encryption).
At this point you if you installe the IIS 6.0 resource kit, you should have a new menu entry called IIS resources (in your start menu->Programs). You need to use a tool called: IIS Metabase Explorer. Go to LM->W3SVC and select the items on the left (especially those with big numbers) to see on the right a description of them and find your virtual site. The big number is the ID of the site (if you instead wants to use the default site the ID is always 1). At this point, suppose the site has ID=1088768498 you have to issue:

SelfSSL /N:CN=yoursite.yourdomain.com /V:365 /S:1088768498

where:

/N:CN is the name of your site on the internet (or LAN)
/V: sets the number of days before the new certify expires
/S: is the ID we found

That's it the site is now operative and ready to go.

Hope this helps!

ACL
0
 
LVL 4

Expert Comment

by:daluu
ID: 13973284
FYI: some additional info

Accordingly, SelfSSL supposedly only works for Win XP and 2003. Is that true?

Anyhow, if that's true, then for Win 2000, there may be another similar alternative though I haven't tested it out myself. Took a bit of searching though.

For win 2000 you'd want SSL Diagnostics from MS.
Get it at
http://www.microsoft.com/downloads/details.aspx?FamilyID=cabea1d0-5a10-41bc-83d4-06c814265282&DisplayLang=en

info about how to use it at
http://www.microsoft.com/technet/community/columns/insider/iisi0304.mspx#EBCAA
0
 

Expert Comment

by:Jacquestheron
ID: 22250415
Is it true that with SelfSSL you can only create one self signed cert per web server?  This seems to be the case with our webserver. I created six cert's and only the last one that was created would work.  Does anyone know how to get around this to create self signed certificates for multiple SSL sites on one web server?

Jacques
0
 
LVL 4

Expert Comment

by:daluu
ID: 22251967
Well, I believe there's also OpenSSL. There is probably a windows version or if not, you can use the Cygwin version to run on Windows. It's not as simple as using the MS/IIS SSL tools but it gives you a lot more options.
0

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question