Solved

Windows 2012 IIS 8 adding SSL

Posted on 2014-12-29
7
94 Views
Last Modified: 2015-01-15
Here the scenario:
Windows 2012 Server
IIS8

I need to run a web based application off the server. Internally works fine resolving to http://servername. I purchased an ssl cert and would like to set it up on the server. What i'd like to do is create a subdomain off of the hosting company aplus.net  (subdomain.myhost.com)and point that to the local server in house and use the SSL for that. I have an SSL registered and purchased.  I try to add the SSL cert to the server and it disappears from IIS. Do I need to create a domain cert first? Any help greatly appreciated. If I'm completely off on this please advise best steps. Thanks
0
Comment
Question by:jsgould
  • 5
  • 2
7 Comments
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40523595
Guessing you own a domain i.e. example.com and have purchased an ssl certificate with the common name of mysite.example.com .. The way that I would do it is in the dns settings managed by your registrar add mysite.example.com and www.mysite.example.com with an A record that points to your public ip address. At your router forward ports 80 and 443 to the machine local ip address that hosts your website.  In IIS I would create a new site with the bindings for port 80 and port 443 (http/https) with a host header of both mysite.example.com and www.mysite.example.com in the https bindings add your certificate
0
 

Author Comment

by:jsgould
ID: 40524659
ok. i'll give it a try but may not be able til after the holiday. I'll keep you posted. Thank you
0
 

Author Comment

by:jsgould
ID: 40531807
Whenever I go to add the SSL cert to IIS 8 it shows as loaded and when I go back it's no longer there like it's not accepting it. Even when it's showing there and I do go to add the bindings for 443 the SSL cert does not show as an option to choose. Changes I've made domain.com instead of suddomain.domain.com. The SSL cert is for domain.com. I removed the host header info and the website works internally. Currently the registrar's DNS only has www.domain.com pointing to our internal server. I need to make sure ftp.domain.com still stays where it is. nothing else matters as this is a utility domain name. Do i also need to make a host file or DNS entry so domainname.com resolves to the local system? Should also not use all unassigned for ip address bindings and just choose the ip address? Any thoughts greatly appreciated. Thank you
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 78

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 40532427
a SSL cert with the only Subject name of domain.com is not good for www.domain.com you need an alternate subject name of www.domain.com or a wildcard cert *.domain.com.  Did you create the cert request using IIS and then complete the certificate request with the file provided by the certificate authority?

You don't need a host header if it is the only website hosted on the system. As for IP ports the default is fine.
0
 

Author Comment

by:jsgould
ID: 40532448
no not with IIS i created it from the registrar where the domain is hosted. let me verify and double check all that. thanks
0
 

Author Comment

by:jsgould
ID: 40532493
it's set as www.domain.com with no wildcard
0
 

Author Comment

by:jsgould
ID: 40532652
i'm going to start over. fresh install on a different system. let me see what happens. i'll keep you posted. thanks
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Web Config File 3 82
DNS issue 24 85
HTTP Error 403.14 - Forbidden 5 45
web.config redirect issues 5 25
Here are the symptoms: You start receiving calls from users that one of your legacy web apps isn't coming up, so you log into your IIS 5 server to check it out.  When you pull up the services, you notice that the WWW Publishing service isn't runn…
What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now