Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Apply SSL Certificates to my IIS Server

Posted on 2016-11-09
12
Medium Priority
?
52 Views
Last Modified: 2016-11-11
I have the SSL Certificates for my .Net Web Site.

How do I apply them on my IIS Server?


Screen Print
0
Comment
Question by:lrbrister
  • 6
  • 5
12 Comments
 
LVL 17

Expert Comment

by:Ivan
ID: 41881302
Hi,

when you click on any of the 3 web sites, on the far right side you will see bindigs. Click on it, and there you can choose to bind new certificate to site.
Before that, you would import certificate to computer store. usually open mmc, add certificate snapin, go to computer and import certificate.

Regards,
Ivan.
0
 
LVL 29

Expert Comment

by:Dan McFadden
ID: 41882023
Can you answer a few questions?

1.  What are their hostnames in the DNS?  The Fully Qualified Domain Name {FQDN} (looks like:  hostname.yourdomain.com)
2.  How many SSL Certificates do you have?  1 for each site or 1 wildcard cert?
3.  How many IPs are being used on the IIS Server? 1, 2, or 3?
4.  How are the site bindings configured?  Directly to an IP or are you using the "All unassigned" option?
5.  Where did you create the CSR for the SSL Cert?  On this server or on another?
5a.  If on another site, have you exported the cert(s) from the other server, into a *.pfx file?
5b.  Do you have the password for the cert in 5a?

Dan
0
 

Author Comment

by:lrbrister
ID: 41882217
Hey Dan...
I created the CERTIFICATE REQUEST on our own IIS server
There are two webs but everything is handled in the Host Headers
Using my Certificate Requests text files the Certificates were generated on the GoDaddy site pointing to our "other" server.

I have those two certificates zip files
Each contains two files...
A .crt file and a .p7b file

Those are what I am trying to apply on my IIS Server.

I had step by step documentation and lost them.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 29

Expert Comment

by:Dan McFadden
ID: 41882252
Just so I understand correctly, you did the following:

- created 2 CSRs on server-A and submitted them thru GoDaddy
- GoDaddy issued 2 SSL Certs for 2 unique FQDNs
- now you have the output from completing the Cert CSR process

--- is this correct?

My questions back to you:

1.  What version of Windows Server are you using?
2. Have you completed the CSR process on server-A (the server where you created the CSR)?
--- meaning you have installed the certs on server-A
3.  Have you exported the certificates from server-A, so you can import them on other computers?

Here is the process for IIS8 from teh GoDaddy website:  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950

Before you can install these new SSL Certs, you have to complete the CSR process on the source server... the server where you created the CSR.  Once the certificate installation process in complete on the source server, you can export the certificate and install them where ever you wish.

Dan
0
 
LVL 29

Expert Comment

by:Dan McFadden
ID: 41882254
0
 

Author Comment

by:lrbrister
ID: 41882260
Dan,
 These are certificates for the SSL on the server.

It is a Windows Server 2012R2
Version 6.2 Build 9200
0
 
LVL 29

Expert Comment

by:Dan McFadden
ID: 41882303
I understand what they are... but before you can move SSL Certificate from server to server, the CSR process must be completed on the server where the CSR was created.  Then you export the cert into a .pfx file which can me moved around.

Again, I suggest that you follow the instructions from GoDaddy, from my previous post.

Dan
0
 

Author Comment

by:lrbrister
ID: 41882435
I was told that to make my https:// work
I needed to do what I have done already
Get the generated certainty back from Amazon which I have

And apply them in IIS

I am not trying to issue certs out to anyone

Simply make my web ssl
0
 

Author Comment

by:lrbrister
ID: 41882437
"Certificates" not certainty
0
 
LVL 29

Accepted Solution

by:
Dan McFadden earned 2000 total points
ID: 41883388
The process of enabling SSL on a website is a well documented process.  First you generate a Certificate Signing Request (CSR), you then submit that to a well-known Certificate Authority (CA), pay for the SSL Cert, the CA verifies the authenticity of the CSR, then issues a response to the CSR... which are the files you now have.  Then, you must complete the CSR process by installing the Certificate on the server where you created the CSR.  (I am speaking to the process on Windows and IIS).

At this point, you can export the Certificate and private key to a .pfx file, which requires that a password be placed on the file.  Now you can move the .pfx file to another web server and import that SSL Certificate using the password you created when doing the export.

Never have I mentioned, anything about building a Certificate Authority where you can issue tickets.  None of the links I've provided indicate anything about CAs.  The links provided all instruct you have to install and use an SSL Certificate that has been issued by GoDaddy.

Again, I highly recommend that you read the following articles and follow the instruction contained in them.

1.  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950
2.  https://www.godaddy.com/help/iis-8-install-a-certificate-4951

The links above describe how to install a certificate on IIS8+ if the cert was issued by GoDaddy.

Dan
0
 

Author Closing Comment

by:lrbrister
ID: 41883706
Thanks
0
 

Author Comment

by:lrbrister
ID: 41883787
It was exceedingly simple

I just had to Complete Certificate Request on IIS
0

Featured Post

[Webinar] Cloud Security

In this webinar you will learn:

-Why existing firewall and DMZ architectures are not suited for securing cloud applications
-How to make your enterprise “Cloud Ready”, and fix your aging DMZ architecture
-How to transform your enterprise and become a Cloud Enabler

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Simulator games are perfect for generating sample realistic data streams, especially for learning data analysis. It is even useful for demoing offerings such as Azure stream analytics, PowerBI etc.
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Screencast - Getting to Know the Pipeline

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question