Installing SSL certificate on IIS 6.0

Dear All
Please read the documentation for installing SSL Certificate into IIS 6.0

You will receive two certificates from vendor
1) SSL certificate for web server
2) Intermediate CA certificate

Installing SSL certificate for web server

Open Notepad and paste the content of the certificate:

You should then have a text file that looks like:

—–BEGIN CERTIFICATE—–
[encoded data]
—–END CERTIFICATE—–

Make sure you have 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white space, extra line breaks or additional characters have been inadvertently added.
save the files with a name and extension as .cer
1. Open the Internet Services Manager (IIS):
a) Click Start
b) Select All Programs
c) Select Administrative Tools
d) Choose Internet Information Services (IIS) Manager

2. Under Web Sites, right-click your web site and select Properties.

3. Click the Directory Security tab.

4. Under Secure Communications, click Server Certificate.

5. The Web Site Certificate Wizard will open, click Next.

6. Choose Process the Pending Request and Install the Certificate, then click Next.

Important: The pending request must match the response file. If you deleted the pending request in error you must generate a new CSR and replace this certificate.

7. Select the location of the certificate response file, and then click Next.

8. Read the summary screen to be sure that you are processing the correct certificate and then click Next.

9. You see a confirmation screen. After you read this information, click Next.

Stop and start your Web server prior to any testing.

Be sure to assign your site an SSL port (443 by default).

If you do not specify an IP address when installing your SSL Certificate, the same ID will be used for all virtual servers created on the system.

If you are hosting multiple sites on a single server, you can specify that the ID only be used for a particular server IP address

Installing Intermediate CA certificate
Default in IIS5.0 and above, Intermediate CA certificate is available but the expiry date is 2004 so we need to delete the existing one and then install new CA certificate.
Procedure
Open Notepad and paste the content of the certificate:

You should then have a text file that looks like:

—–BEGIN CERTIFICATE—–
[encoded data]
—–END CERTIFICATE—–

Make sure you have 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white space, extra line breaks or additional characters have been inadvertently added.

a) Click Start
b) Select Run
c) Select MMC
d) select File menu and click on Add/Remove Snap-in..
e) Select Certificates option in it
f) From left panel select Intermediate Certification Authorities  certificates
g) From Right panel delete Class 3 Public Primary Certificate Authority ( Read in Issued by)
h) Now Right click on Certificates ( left panel ) and select All Tasks and then select Import
i) Select the file in which we have copied the Intermediate certificate text from email
j) It will install the intermediate CA certificate for Clients.

NOTE :- You need to open 443 ( SSL port) on the server

With Regards,

Prashant Deshpande

Advertisements

Leave a comment

Filed under IIS, Server Application, Web/Application Server

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s