Solved

Apply SSL Certificates to my IIS Server

Posted on 2016-11-09
12
32 Views
Last Modified: 2016-11-11
I have the SSL Certificates for my .Net Web Site.

How do I apply them on my IIS Server?


Screen Print
0
Comment
Question by:lrbrister
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 17

Expert Comment

by:Ivan
ID: 41881302
Hi,

when you click on any of the 3 web sites, on the far right side you will see bindigs. Click on it, and there you can choose to bind new certificate to site.
Before that, you would import certificate to computer store. usually open mmc, add certificate snapin, go to computer and import certificate.

Regards,
Ivan.
0
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882023
Can you answer a few questions?

1.  What are their hostnames in the DNS?  The Fully Qualified Domain Name {FQDN} (looks like:  hostname.yourdomain.com)
2.  How many SSL Certificates do you have?  1 for each site or 1 wildcard cert?
3.  How many IPs are being used on the IIS Server? 1, 2, or 3?
4.  How are the site bindings configured?  Directly to an IP or are you using the "All unassigned" option?
5.  Where did you create the CSR for the SSL Cert?  On this server or on another?
5a.  If on another site, have you exported the cert(s) from the other server, into a *.pfx file?
5b.  Do you have the password for the cert in 5a?

Dan
0
 

Author Comment

by:lrbrister
ID: 41882217
Hey Dan...
I created the CERTIFICATE REQUEST on our own IIS server
There are two webs but everything is handled in the Host Headers
Using my Certificate Requests text files the Certificates were generated on the GoDaddy site pointing to our "other" server.

I have those two certificates zip files
Each contains two files...
A .crt file and a .p7b file

Those are what I am trying to apply on my IIS Server.

I had step by step documentation and lost them.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882252
Just so I understand correctly, you did the following:

- created 2 CSRs on server-A and submitted them thru GoDaddy
- GoDaddy issued 2 SSL Certs for 2 unique FQDNs
- now you have the output from completing the Cert CSR process

--- is this correct?

My questions back to you:

1.  What version of Windows Server are you using?
2. Have you completed the CSR process on server-A (the server where you created the CSR)?
--- meaning you have installed the certs on server-A
3.  Have you exported the certificates from server-A, so you can import them on other computers?

Here is the process for IIS8 from teh GoDaddy website:  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950

Before you can install these new SSL Certs, you have to complete the CSR process on the source server... the server where you created the CSR.  Once the certificate installation process in complete on the source server, you can export the certificate and install them where ever you wish.

Dan
0
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882254
0
 

Author Comment

by:lrbrister
ID: 41882260
Dan,
 These are certificates for the SSL on the server.

It is a Windows Server 2012R2
Version 6.2 Build 9200
0
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 41882303
I understand what they are... but before you can move SSL Certificate from server to server, the CSR process must be completed on the server where the CSR was created.  Then you export the cert into a .pfx file which can me moved around.

Again, I suggest that you follow the instructions from GoDaddy, from my previous post.

Dan
0
 

Author Comment

by:lrbrister
ID: 41882435
I was told that to make my https:// work
I needed to do what I have done already
Get the generated certainty back from Amazon which I have

And apply them in IIS

I am not trying to issue certs out to anyone

Simply make my web ssl
0
 

Author Comment

by:lrbrister
ID: 41882437
"Certificates" not certainty
0
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 41883388
The process of enabling SSL on a website is a well documented process.  First you generate a Certificate Signing Request (CSR), you then submit that to a well-known Certificate Authority (CA), pay for the SSL Cert, the CA verifies the authenticity of the CSR, then issues a response to the CSR... which are the files you now have.  Then, you must complete the CSR process by installing the Certificate on the server where you created the CSR.  (I am speaking to the process on Windows and IIS).

At this point, you can export the Certificate and private key to a .pfx file, which requires that a password be placed on the file.  Now you can move the .pfx file to another web server and import that SSL Certificate using the password you created when doing the export.

Never have I mentioned, anything about building a Certificate Authority where you can issue tickets.  None of the links I've provided indicate anything about CAs.  The links provided all instruct you have to install and use an SSL Certificate that has been issued by GoDaddy.

Again, I highly recommend that you read the following articles and follow the instruction contained in them.

1.  https://www.godaddy.com/help/iis-8windows-server-2012-generate-csrs-certificate-signing-requests-4950
2.  https://www.godaddy.com/help/iis-8-install-a-certificate-4951

The links above describe how to install a certificate on IIS8+ if the cert was issued by GoDaddy.

Dan
0
 

Author Closing Comment

by:lrbrister
ID: 41883706
Thanks
0
 

Author Comment

by:lrbrister
ID: 41883787
It was exceedingly simple

I just had to Complete Certificate Request on IIS
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question