Solved

Apply SSL Certificates to my IIS Server

Posted on 2016-11-09
12
17 Views
Last Modified: 2016-11-11
I have the SSL Certificates for my .Net Web Site.

How do I apply them on my IIS Server?


Screen Print
0
Comment
Question by:lrbrister
  • 6
  • 5
12 Comments
 
LVL 15

Expert Comment

by:Ivan
Comment Utility
Hi,

when you click on any of the 3 web sites, on the far right side you will see bindigs. Click on it, and there you can choose to bind new certificate to site.
Before that, you would import certificate to computer store. usually open mmc, add certificate snapin, go to computer and import certificate.

Regards,
Ivan.
0
 
LVL 26

Expert Comment

by:Dan McFadden
Comment Utility
Can you answer a few questions?

1.  What are their hostnames in the DNS?  The Fully Qualified Domain Name {FQDN} (looks like:  hostname.yourdomain.com)
2.  How many SSL Certificates do you have?  1 for each site or 1 wildcard cert?
3.  How many IPs are being used on the IIS Server? 1, 2, or 3?
4.  How are the site bindings configured?  Directly to an IP or are you using the "All unassigned" option?
5.  Where did you create the CSR for the SSL Cert?  On this server or on another?
5a.  If on another site, have you exported the cert(s) from the other server, into a *.pfx file?
5b.  Do you have the password for the cert in 5a?

Dan
0
 

Author Comment

by:lrbrister
Comment Utility
Hey Dan...
I created the CERTIFICATE REQUEST on our own IIS server
There are two webs but everything is handled in the Host Headers
Using my Certificate Requests text files the Certificates were generated on the GoDaddy site pointing to our "other" server.

I have those two certificates zip files
Each contains two files...
A .crt file and a .p7b file

Those are what I am trying to apply on my IIS Server.

I had step by step documentation and lost them.
0
 
LVL 26

Expert Comment

by:Dan McFadden
Comment Utility
Just so I understand correctly, you did the following:

- created 2 CSRs on server-A and submitted them thru GoDaddy
- GoDaddy issued 2 SSL Certs for 2 unique FQDNs
- now you have the output from completing the Cert CSR process

--- is this correct?

My questions back to you:

1.  What version of Windows Server are you using?
2. Have you completed the CSR process on server-A (the server where you created the CSR)?
--- meaning you have installed the certs on server-A
3.  Have you exported the certificates from server-A, so you can import them on other computers?

Here is the process for IIS8 from teh GoDaddy website:  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950

Before you can install these new SSL Certs, you have to complete the CSR process on the source server... the server where you created the CSR.  Once the certificate installation process in complete on the source server, you can export the certificate and install them where ever you wish.

Dan
0
 
LVL 26

Expert Comment

by:Dan McFadden
Comment Utility
0
 

Author Comment

by:lrbrister
Comment Utility
Dan,
 These are certificates for the SSL on the server.

It is a Windows Server 2012R2
Version 6.2 Build 9200
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 26

Expert Comment

by:Dan McFadden
Comment Utility
I understand what they are... but before you can move SSL Certificate from server to server, the CSR process must be completed on the server where the CSR was created.  Then you export the cert into a .pfx file which can me moved around.

Again, I suggest that you follow the instructions from GoDaddy, from my previous post.

Dan
0
 

Author Comment

by:lrbrister
Comment Utility
I was told that to make my https:// work
I needed to do what I have done already
Get the generated certainty back from Amazon which I have

And apply them in IIS

I am not trying to issue certs out to anyone

Simply make my web ssl
0
 

Author Comment

by:lrbrister
Comment Utility
"Certificates" not certainty
0
 
LVL 26

Accepted Solution

by:
Dan McFadden earned 500 total points
Comment Utility
The process of enabling SSL on a website is a well documented process.  First you generate a Certificate Signing Request (CSR), you then submit that to a well-known Certificate Authority (CA), pay for the SSL Cert, the CA verifies the authenticity of the CSR, then issues a response to the CSR... which are the files you now have.  Then, you must complete the CSR process by installing the Certificate on the server where you created the CSR.  (I am speaking to the process on Windows and IIS).

At this point, you can export the Certificate and private key to a .pfx file, which requires that a password be placed on the file.  Now you can move the .pfx file to another web server and import that SSL Certificate using the password you created when doing the export.

Never have I mentioned, anything about building a Certificate Authority where you can issue tickets.  None of the links I've provided indicate anything about CAs.  The links provided all instruct you have to install and use an SSL Certificate that has been issued by GoDaddy.

Again, I highly recommend that you read the following articles and follow the instruction contained in them.

1.  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950
2.  https://www.godaddy.com/help/iis-8-install-a-certificate-4951

The links above describe how to install a certificate on IIS8+ if the cert was issued by GoDaddy.

Dan
0
 

Author Closing Comment

by:lrbrister
Comment Utility
Thanks
0
 

Author Comment

by:lrbrister
Comment Utility
It was exceedingly simple

I just had to Complete Certificate Request on IIS
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Lync server 2013 Backup Service Error ID 4049 – After File Share Migration
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now