Where can SSL certificate be installed in IIS 5.1?

Posted on 2009-05-11
Last Modified: 2012-05-06
I have  a simple question that I need an answer on.  I am working with our Accounting software technical support trying to get our timecard website working correctly, and they are telling me to install my SSL certificate on one of the subfolders under the Default Web Site.  I don't think IIS allows that.  I have tried applying the SSL certificate to the subfolder and the "Server Certificate" button is always greyed out.  I can apply the SSL certificate to the whole Default Web Site and then check the box "Require SSL" for each subfolder.  Is this the correct way to do it or will IIS allow you the apply the SSL certificate at the subfolder level?  I have been arguing back and forth with their technical support, and I need proof of what IIS allows.  They told me that they have tested it hundreds of times, but I can't get it to work.  Please advise.  If anyone has a link or something that I can send them for proof, that would be great.

Question by:bsimmons2376
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 16

Expert Comment

ID: 24356235

Author Comment

ID: 24357568
Little bit more clear now.  So, you can't actually key or request an SSL certificate from the subfolder level, can you?  I'm just trying to make sure that the requesting part of the certificate has to be done at the website level - for example, Default Web Site > Properties > Directory Security tab > Server Certificate button.  This button is greyed out under any subfolder of the website.  The Accounting software technical support said I needed to rekey the certificate for one of the subfolders instead of the whole website, which it won't let me do.
LVL 16

Accepted Solution

2PiFL earned 500 total points
ID: 24357607

I've never done it any other way (always at the website level).  Can the accounting software tech support provide documentation on how apply the cert at a sub folder level?
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!


Author Comment

ID: 24357796
They did provide documentation that they "said" they tested hundreds of times.  Their documentation reads like this:

-  Create a new virtual directory under the Default Web Site named MyeFAACT
-  Create your Web Server Certificate (Default Website > MyeFAACT > Properties > Directory Security tab > Server Certificate button) and apply for an SSL Certificate from any SSL certificate provider you choose.  You should not use a self signed certificate.

I've tested it and it DOES NOT WORK.  I told them that I tested it, but they said "I was mistaken" because they have tested it hundreds of times.  
LVL 16

Expert Comment

ID: 24358167

What happens if you de-select "Require secure channel" on the default website?

Author Comment

ID: 24358690
That is the way it is currently setup.  I requested the SSL certificate from the Default Web Site properties and installed it on the Default Web Site.  The only sub folder that is set to "Require Secure channel" is the MyeFAACT directory.  However, tech support is telling me I need to rekey the certificate for only the MyeFAACT directory, which it won't allow you to do.  They swear up and down that they have tested it.  Has anybody else out there been able to do this?

Author Closing Comment

ID: 31580202
Thank you for your help.  The tech support finally came back and said that their instructions were wrong, and that the SSL certificate would have to be installed at the website level.

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question