Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Where can SSL certificate be installed in IIS 5.1?

Posted on 2009-05-11
Medium Priority
Last Modified: 2012-05-06
I have  a simple question that I need an answer on.  I am working with our Accounting software technical support trying to get our timecard website working correctly, and they are telling me to install my SSL certificate on one of the subfolders under the Default Web Site.  I don't think IIS allows that.  I have tried applying the SSL certificate to the subfolder and the "Server Certificate" button is always greyed out.  I can apply the SSL certificate to the whole Default Web Site and then check the box "Require SSL" for each subfolder.  Is this the correct way to do it or will IIS allow you the apply the SSL certificate at the subfolder level?  I have been arguing back and forth with their technical support, and I need proof of what IIS allows.  They told me that they have tested it hundreds of times, but I can't get it to work.  Please advise.  If anyone has a link or something that I can send them for proof, that would be great.

Question by:bsimmons2376
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 16

Expert Comment

ID: 24356235

Author Comment

ID: 24357568
Little bit more clear now.  So, you can't actually key or request an SSL certificate from the subfolder level, can you?  I'm just trying to make sure that the requesting part of the certificate has to be done at the website level - for example, Default Web Site > Properties > Directory Security tab > Server Certificate button.  This button is greyed out under any subfolder of the website.  The Accounting software technical support said I needed to rekey the certificate for one of the subfolders instead of the whole website, which it won't let me do.
LVL 16

Accepted Solution

2PiFL earned 2000 total points
ID: 24357607

I've never done it any other way (always at the website level).  Can the accounting software tech support provide documentation on how apply the cert at a sub folder level?
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Author Comment

ID: 24357796
They did provide documentation that they "said" they tested hundreds of times.  Their documentation reads like this:

-  Create a new virtual directory under the Default Web Site named MyeFAACT
-  Create your Web Server Certificate (Default Website > MyeFAACT > Properties > Directory Security tab > Server Certificate button) and apply for an SSL Certificate from any SSL certificate provider you choose.  You should not use a self signed certificate.

I've tested it and it DOES NOT WORK.  I told them that I tested it, but they said "I was mistaken" because they have tested it hundreds of times.  
LVL 16

Expert Comment

ID: 24358167

What happens if you de-select "Require secure channel" on the default website?

Author Comment

ID: 24358690
That is the way it is currently setup.  I requested the SSL certificate from the Default Web Site properties and installed it on the Default Web Site.  The only sub folder that is set to "Require Secure channel" is the MyeFAACT directory.  However, tech support is telling me I need to rekey the certificate for only the MyeFAACT directory, which it won't allow you to do.  They swear up and down that they have tested it.  Has anybody else out there been able to do this?

Author Closing Comment

ID: 31580202
Thank you for your help.  The tech support finally came back and said that their instructions were wrong, and that the SSL certificate would have to be installed at the website level.

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

More often than not, we developers are confronted with a need: a need to make some kind of magic happen via code. Whether it is for a client, for the boss, or for our own personal projects, the need must be satisfied. Most of the time, the Framework…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question