Shane
asked on
How to tie SSL cert to site in IIS 7.5
I've been given the task to find out what SSL certificates are expiring on all of our Intranet sites. I'm not too familiar with IIS 7.5. When I browse to "certificates" through the mmc I go to "Personal" and see that there are two certs. One is expired and the other is not.
The expired cert Issued To, says our site name and it expired on 10/23/13
The other cert Issued To, says verisign.com and expires on 10/24/16
For the cert that is not expired, how do I know that cert is tied to my site? I do not see that cert listed anywhere in IIS under my site. This is where I'm confused.
Thanks
The expired cert Issued To, says our site name and it expired on 10/23/13
The other cert Issued To, says verisign.com and expires on 10/24/16
For the cert that is not expired, how do I know that cert is tied to my site? I do not see that cert listed anywhere in IIS under my site. This is where I'm confused.
Thanks
ASKER
I guess my main question is, where in IIS can I find what SSL cert my site is using.
You are in the right place to check the certificate that your site is using, i.e
MMC - Add Snap-ins - Certificate - (Computer account) - Local Computer - Personal - Certificates.
MMC - Add Snap-ins - Certificate - (Computer account) - Local Computer - Personal - Certificates.
ASKER
Right but lets say I have two sites in IIS. How do I match up the certs in Personal - Certificates to the sites in IIS? Is there an area in IIS that tells me what cert the site is using?
Thanks
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
When I click on Server - Server certificates, it only has the cert listed that has expired. Is this telling me that the cert in mmc that has not expired is not tied to my sites?
Sorry, I'm very unfamilar with IIS and certificates.
Thanks
Sorry, I'm very unfamilar with IIS and certificates.
Thanks
It means that : -
1) either that is not mapped to any of your website
2) that is not in use
3) That is not for website
you can double click kon that certificate and see the domian it is issued for and make sure for which it is purchased, and accordingly map it to website.
1) either that is not mapped to any of your website
2) that is not in use
3) That is not for website
you can double click kon that certificate and see the domian it is issued for and make sure for which it is purchased, and accordingly map it to website.
ASKER
I can access the site by HTTP and HTTPS. With the ssl expired, should I still be able to access the site through HTTPS?
In such case there should be a warning message, on browser. actually it should not run, but that will need a code on webpage to bind it with SSL only. If you want to do it via IIS only then create another site with HTTP binding only and make its redirection to HTTPs site.
Was your certificate signed by verisign? If not you don't need to be worried about, just deleted, but ensure that you export it first.
Regards