Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Apply SSL Certificates to my IIS Server

Posted on 2016-11-09
12
Medium Priority
?
41 Views
Last Modified: 2016-11-11
I have the SSL Certificates for my .Net Web Site.

How do I apply them on my IIS Server?


Screen Print
0
Comment
Question by:lrbrister
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 17

Expert Comment

by:Ivan
ID: 41881302
Hi,

when you click on any of the 3 web sites, on the far right side you will see bindigs. Click on it, and there you can choose to bind new certificate to site.
Before that, you would import certificate to computer store. usually open mmc, add certificate snapin, go to computer and import certificate.

Regards,
Ivan.
0
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882023
Can you answer a few questions?

1.  What are their hostnames in the DNS?  The Fully Qualified Domain Name {FQDN} (looks like:  hostname.yourdomain.com)
2.  How many SSL Certificates do you have?  1 for each site or 1 wildcard cert?
3.  How many IPs are being used on the IIS Server? 1, 2, or 3?
4.  How are the site bindings configured?  Directly to an IP or are you using the "All unassigned" option?
5.  Where did you create the CSR for the SSL Cert?  On this server or on another?
5a.  If on another site, have you exported the cert(s) from the other server, into a *.pfx file?
5b.  Do you have the password for the cert in 5a?

Dan
0
 

Author Comment

by:lrbrister
ID: 41882217
Hey Dan...
I created the CERTIFICATE REQUEST on our own IIS server
There are two webs but everything is handled in the Host Headers
Using my Certificate Requests text files the Certificates were generated on the GoDaddy site pointing to our "other" server.

I have those two certificates zip files
Each contains two files...
A .crt file and a .p7b file

Those are what I am trying to apply on my IIS Server.

I had step by step documentation and lost them.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882252
Just so I understand correctly, you did the following:

- created 2 CSRs on server-A and submitted them thru GoDaddy
- GoDaddy issued 2 SSL Certs for 2 unique FQDNs
- now you have the output from completing the Cert CSR process

--- is this correct?

My questions back to you:

1.  What version of Windows Server are you using?
2. Have you completed the CSR process on server-A (the server where you created the CSR)?
--- meaning you have installed the certs on server-A
3.  Have you exported the certificates from server-A, so you can import them on other computers?

Here is the process for IIS8 from teh GoDaddy website:  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950

Before you can install these new SSL Certs, you have to complete the CSR process on the source server... the server where you created the CSR.  Once the certificate installation process in complete on the source server, you can export the certificate and install them where ever you wish.

Dan
0
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882254
0
 

Author Comment

by:lrbrister
ID: 41882260
Dan,
 These are certificates for the SSL on the server.

It is a Windows Server 2012R2
Version 6.2 Build 9200
0
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882303
I understand what they are... but before you can move SSL Certificate from server to server, the CSR process must be completed on the server where the CSR was created.  Then you export the cert into a .pfx file which can me moved around.

Again, I suggest that you follow the instructions from GoDaddy, from my previous post.

Dan
0
 

Author Comment

by:lrbrister
ID: 41882435
I was told that to make my https:// work
I needed to do what I have done already
Get the generated certainty back from Amazon which I have

And apply them in IIS

I am not trying to issue certs out to anyone

Simply make my web ssl
0
 

Author Comment

by:lrbrister
ID: 41882437
"Certificates" not certainty
0
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 2000 total points
ID: 41883388
The process of enabling SSL on a website is a well documented process.  First you generate a Certificate Signing Request (CSR), you then submit that to a well-known Certificate Authority (CA), pay for the SSL Cert, the CA verifies the authenticity of the CSR, then issues a response to the CSR... which are the files you now have.  Then, you must complete the CSR process by installing the Certificate on the server where you created the CSR.  (I am speaking to the process on Windows and IIS).

At this point, you can export the Certificate and private key to a .pfx file, which requires that a password be placed on the file.  Now you can move the .pfx file to another web server and import that SSL Certificate using the password you created when doing the export.

Never have I mentioned, anything about building a Certificate Authority where you can issue tickets.  None of the links I've provided indicate anything about CAs.  The links provided all instruct you have to install and use an SSL Certificate that has been issued by GoDaddy.

Again, I highly recommend that you read the following articles and follow the instruction contained in them.

1.  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950
2.  https://www.godaddy.com/help/iis-8-install-a-certificate-4951

The links above describe how to install a certificate on IIS8+ if the cert was issued by GoDaddy.

Dan
0
 

Author Closing Comment

by:lrbrister
ID: 41883706
Thanks
0
 

Author Comment

by:lrbrister
ID: 41883787
It was exceedingly simple

I just had to Complete Certificate Request on IIS
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question