Solved

How to tie SSL cert to site in IIS 7.5

Posted on 2014-01-15
9
466 Views
Last Modified: 2014-01-21
I've been given the task to find out what SSL certificates are expiring on all of our Intranet sites. I'm not too familiar with IIS 7.5. When I browse to "certificates" through the mmc I go to "Personal" and see that there are two certs. One is expired and the other is not.

The expired cert Issued To, says our site name and it expired on 10/23/13
The other cert Issued To, says verisign.com and expires on 10/24/16

For the cert that is not expired, how do I know that cert is tied to my site? I do not see that cert listed anywhere in IIS under my site. This is where I'm confused.

Thanks
0
Comment
Question by:BuRinger7a
  • 4
  • 3
  • 2
9 Comments
 
LVL 16

Expert Comment

by:Emmanuel Adebayo
Comment Utility
The cert that is not expired i.e verisign.com suppose not to be in your Personal folder, if at all it should be in the Root or Intermediate Certificate Authority.

Was your certificate signed by verisign? If not you don't need to be worried about, just deleted, but ensure that you export it first.

Regards
0
 

Author Comment

by:BuRinger7a
Comment Utility
I guess my main question is, where in IIS can I find what SSL cert my site is using.
0
 
LVL 16

Expert Comment

by:Emmanuel Adebayo
Comment Utility
You are in the right place to check the certificate that your site is using, i.e

MMC -  Add Snap-ins - Certificate - (Computer account) - Local Computer - Personal - Certificates.
0
 

Author Comment

by:BuRinger7a
Comment Utility
Right but lets say I have two sites in IIS. How do I match up the certs in Personal - Certificates to the sites in IIS? Is there an area in IIS that tells me what cert the site is using?

Thanks
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 15

Accepted Solution

by:
pcsmitpra earned 500 total points
Comment Utility
Launch IIS > Click on Server > Select Server certificates
You can see all SSL certificates which are mapped or placed for any of the website.
0
 

Author Comment

by:BuRinger7a
Comment Utility
When I click on Server - Server certificates, it only has the cert listed that has expired. Is this telling me that the cert in mmc that has not expired is not tied to my sites?

Sorry, I'm very unfamilar with IIS and certificates.

Thanks
0
 
LVL 15

Expert Comment

by:pcsmitpra
Comment Utility
It means that : -
1) either that is not mapped to any of your website
2) that is not in use
3) That is not for website

you can double click kon that certificate and see the domian it is issued for and make sure for which it is purchased, and accordingly map it to website.
0
 

Author Comment

by:BuRinger7a
Comment Utility
I can access the site by HTTP and HTTPS. With the ssl expired, should I still be able to access the site through HTTPS?
0
 
LVL 15

Expert Comment

by:pcsmitpra
Comment Utility
In such case there should be a warning message, on browser. actually it should not run, but that will need a code on webpage to bind it with SSL only. If you want to do it via IIS only then create another site with HTTP binding only and make its redirection to HTTPs site.
0

Featured Post

Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

Join & Write a Comment

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now