Solved

Apply SSL Certificates to my IIS Server

Posted on 2016-11-09
12
19 Views
Last Modified: 2016-11-11
I have the SSL Certificates for my .Net Web Site.

How do I apply them on my IIS Server?


Screen Print
0
Comment
Question by:lrbrister
  • 6
  • 5
12 Comments
 
LVL 16

Expert Comment

by:Ivan
ID: 41881302
Hi,

when you click on any of the 3 web sites, on the far right side you will see bindigs. Click on it, and there you can choose to bind new certificate to site.
Before that, you would import certificate to computer store. usually open mmc, add certificate snapin, go to computer and import certificate.

Regards,
Ivan.
0
 
LVL 26

Expert Comment

by:Dan McFadden
ID: 41882023
Can you answer a few questions?

1.  What are their hostnames in the DNS?  The Fully Qualified Domain Name {FQDN} (looks like:  hostname.yourdomain.com)
2.  How many SSL Certificates do you have?  1 for each site or 1 wildcard cert?
3.  How many IPs are being used on the IIS Server? 1, 2, or 3?
4.  How are the site bindings configured?  Directly to an IP or are you using the "All unassigned" option?
5.  Where did you create the CSR for the SSL Cert?  On this server or on another?
5a.  If on another site, have you exported the cert(s) from the other server, into a *.pfx file?
5b.  Do you have the password for the cert in 5a?

Dan
0
 

Author Comment

by:lrbrister
ID: 41882217
Hey Dan...
I created the CERTIFICATE REQUEST on our own IIS server
There are two webs but everything is handled in the Host Headers
Using my Certificate Requests text files the Certificates were generated on the GoDaddy site pointing to our "other" server.

I have those two certificates zip files
Each contains two files...
A .crt file and a .p7b file

Those are what I am trying to apply on my IIS Server.

I had step by step documentation and lost them.
0
 
LVL 26

Expert Comment

by:Dan McFadden
ID: 41882252
Just so I understand correctly, you did the following:

- created 2 CSRs on server-A and submitted them thru GoDaddy
- GoDaddy issued 2 SSL Certs for 2 unique FQDNs
- now you have the output from completing the Cert CSR process

--- is this correct?

My questions back to you:

1.  What version of Windows Server are you using?
2. Have you completed the CSR process on server-A (the server where you created the CSR)?
--- meaning you have installed the certs on server-A
3.  Have you exported the certificates from server-A, so you can import them on other computers?

Here is the process for IIS8 from teh GoDaddy website:  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950

Before you can install these new SSL Certs, you have to complete the CSR process on the source server... the server where you created the CSR.  Once the certificate installation process in complete on the source server, you can export the certificate and install them where ever you wish.

Dan
0
 
LVL 26

Expert Comment

by:Dan McFadden
ID: 41882254
0
 

Author Comment

by:lrbrister
ID: 41882260
Dan,
 These are certificates for the SSL on the server.

It is a Windows Server 2012R2
Version 6.2 Build 9200
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 26

Expert Comment

by:Dan McFadden
ID: 41882303
I understand what they are... but before you can move SSL Certificate from server to server, the CSR process must be completed on the server where the CSR was created.  Then you export the cert into a .pfx file which can me moved around.

Again, I suggest that you follow the instructions from GoDaddy, from my previous post.

Dan
0
 

Author Comment

by:lrbrister
ID: 41882435
I was told that to make my https:// work
I needed to do what I have done already
Get the generated certainty back from Amazon which I have

And apply them in IIS

I am not trying to issue certs out to anyone

Simply make my web ssl
0
 

Author Comment

by:lrbrister
ID: 41882437
"Certificates" not certainty
0
 
LVL 26

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 41883388
The process of enabling SSL on a website is a well documented process.  First you generate a Certificate Signing Request (CSR), you then submit that to a well-known Certificate Authority (CA), pay for the SSL Cert, the CA verifies the authenticity of the CSR, then issues a response to the CSR... which are the files you now have.  Then, you must complete the CSR process by installing the Certificate on the server where you created the CSR.  (I am speaking to the process on Windows and IIS).

At this point, you can export the Certificate and private key to a .pfx file, which requires that a password be placed on the file.  Now you can move the .pfx file to another web server and import that SSL Certificate using the password you created when doing the export.

Never have I mentioned, anything about building a Certificate Authority where you can issue tickets.  None of the links I've provided indicate anything about CAs.  The links provided all instruct you have to install and use an SSL Certificate that has been issued by GoDaddy.

Again, I highly recommend that you read the following articles and follow the instruction contained in them.

1.  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950
2.  https://www.godaddy.com/help/iis-8-install-a-certificate-4951

The links above describe how to install a certificate on IIS8+ if the cert was issued by GoDaddy.

Dan
0
 

Author Closing Comment

by:lrbrister
ID: 41883706
Thanks
0
 

Author Comment

by:lrbrister
ID: 41883787
It was exceedingly simple

I just had to Complete Certificate Request on IIS
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
C# Offline Apllication 5 56
SQL Login 17 41
Visual Studio 2015 Source Code Control 10 38
What namespace do I need to import? 2 14
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now