Steps to Install SSL/TLS Certificate in MS IIS 7
The steps below will help you navigate the SSL Certificate installation process for Microsoft IIS 7. If you are using two or more servers you’ll need to set up the certificates on every device or server you want to protect. So, we understand that you have generated the CSR already and submitted CSR. Validation process is completed and certificate issued. Once, you complete the validation process you will get certificate from Certificate Authority. IIS SSL Certificate is most unique way for SSL Installation process. SSL Certificate process to be install an ssl certificate using your new certificate. SSL certificate installation in IIS 7.
What You’ll Have to Do
1. Your server’s SSL certificate
This is the certification you got from the CA to verify your domain. It is possible that you received this by email. If it is not the option to download it is going to the Account Dashboard by clicking your purchase.
2. Intermediate SSL certificates
Intermediate SSL Certificates enables devices that connect with your servers to recognize the certificate Certificate Authority that issued the SSL Certificate. There could be multiple such certificate. If you have received certificates in ZIP file it must also include the intermediate certificate(s) and is often referred to as the CA Bundle. You have to contact your certificate provider to get the intermediate certificate. Our Web Security eXperts already have bundles of certificate authority ready so that your SSL Certificate Installation process would be smooth.
3. Private Key – Key Component in SSL Certificate Process.
Private key is most important component in SSL Certificate. Private key will help your server and client to have secure communication. Some platform do allow end user to access private key. Microsoft Windows Operating System does not allow user to access private key directly. This makes IIS more secure compare to other platforms. Though, you can export private key along with certificate as PKCS12 format.
Install An SSL Certificate
1. Launch IIS Manager
Go Control Panel, Administrative Tools and then select Internet Information Services (IIS) Manager.
2. Choose your server’s name
On the left Connections menu, choose the server’s name(host) which you would like to install the certificate.
3. Select the Security section.
In the menu at the top Click to open the server certificate icon beneath the Security section close to the top.
4. Click Complete Request for Certificate
In the left Actions menu In the right Actions menu, click Complete Request for Certificate.
5. Navigate for your Server Certificate
At Complete Certificate Request wizard you need to click ” …” to explore and select Server SSL Certificate file that you previously downloaded from your certificate provider.
6. Name the certificate you have received.
Input the friendly name that can be an internal number to identify the file in the future. We suggest including in the CAs names and the expiration dates.
7. Click OK
Select “OK,” after which the new certificate will be displayed in the updated Server Certificate List.
Notice: If you encounter an error in this step, you can always ask for help from our websecurity experts and get SSL Installation Service from our website. To install an ssl certificate you are always trust us.
The Binding of Your Certification to your Website
Proceed with the other steps to aid you in assigning or binding your SSL certificate onto the right website.
1. Open to your Sites folder
In the Connections menu Expand the name of your server, then extend your sites folder, and finally choose the website (e.g. the default web site) you wish to protect.
2. Click to Bindings…
To access the appropriate Actions menu Click on Bindings…
3. Click Add
In the Site Bindings …, Click Add.Note that if you have already created the proper site binding in place Click “Edit” and modify to the SSL Certificate accordingly.
4. Input the following
When you click “Add Site Bindings In Add Site Bindings, type in the following details:
Type Select “https”.
IP Address – Select “All unassigned”. If you’ve more than one IP address, choose the one that’s pointing to your website
Port– Type in “443” except if you’re listening to SSL Protocol using another port (e.g. 8443).
SSL Certificates Choose “HTML” as the “friendly title” for the SSL certificate that you have just installed. It is always possible to click “View” to verify the validity information of the certificate.
5. Click OK
Click OK to complete linking your SSL certificate onto your website live.
Congratulations! Your Server SSL Certificate has been installed Successfully! You can check if SSL Certificate works properly by visiting the website in your browser at https://yourwebsite.tld see that browser does not show that Website is “NOT SECURE” and view your certificate by clicking on Padlock on your browser’s address bar. You need to restart server to make sure that SSL Certificate works properly.
Known Troubleshooting Messages for IIS 7
Microsoft IIS 7 is known to produce one of two errors: “Cannot find the certificate request that is associated with the certificate file. A certificate request has to be made on the computer which created it. .””ASN1 negative tag number is met.”
If you’re certain that this is the server that you used to generate the CSR The error might be unimportant and the certificate might be properly been installed. To confirm this you must close the dialog and select “F5” for a refresh of the listing of certificates issued by servers. The newly issued certificate will appear in the list and you are able to proceed with your next steps.
If your newly-installed certificate doesn’t show up in the list of server certificates We recommend that you issue the certificate using a new CSR and try the installation process over again. Here are some steps to help you navigate the process of re-issuance:
1. Create a brand CSR that is anew one.
Create a fresh Certificate request associated with this domain. You have to generate new CSR that would help you to get new certificate.
2. Log into to your Account Control Panel
Log into the account control Panel.
3. Select the Active Certificate you have selected.
Choose the active certificate.
4. Click Re-Issue to Issue Certificate
Hit the Re-Issue the Certificate button.
5. Paste your new CSR
Copy in your CSR.
6. Complete Domain Validation of the Domain
Submit and complete the domain validation (if necessary).
7. Keep the certificate that you just received.
The newly-issued SSL certificate to the server’s desktop.
8. Reread the installation instructions
Continue the SSL installation process , referring to the above directions.
Instruction Manual for Intermediate Installation
If your intermediate certificates could not install or adjust themselves in the correct way, follow the steps below for how to install them manually in Microsoft IIS 7.
1. Open your Intermediate Certificate
Click twice on the saved Intermediate Certificate from the desktop of your server and then click to open it..
2. Click to install the certificate…
In the Certificate section, beneath the General tab Click “Install Certificate… to begin the process of importation and then select next.
3. Select Place all certificates in the next store
Choose the certificates to be placed in the store below and then click to browse.
4. Check for physical stores.
Make sure to check for the Physical stores that are shown box.
5. Develop Intermediate Certification Authorities
The intermediate certification Authorities folder.
6. Select Local Computer
Choose Local Computer, click OK, then Finish.
7. Restart your server
Make sure you restart Your Microsoft IIS server.
8. Go To Services manager
You can Restart IIS Service using Service Manager.
9. Sometimes you need to restart server
Sometime you have to restart server in order to SSL Certificate to work properly. It is always advisable to have proper planing to be taken care while installing an ssl certificate. You can always hire professionals from Web Security Experts to install SSL Certificate for you. Our SSL Installation Services helps you to secure your IIS with almost security standards available.