How to Install ISS 10.X SSL Certificate?
(Single Certificate) How do you install your SSL certificate and configure the server to use it?
Install SSL Certificate
-
On the server where you created the CSR, save the SSL certificate .cer file (eg your_domain_com.cer ) that DigiCert sent you .
-
Type and open Internet Information Services (IIS) Manager in the Windows start menu .
-
In Internet Information Services (IIS) Manager , in the Connections menu tree (left pane), locate and click the server name.
-
On the Server name Home page (middle pane), in the IIS section, double-click Server Certificates .
-
On the Server Certificates page (middle pane), in the Actions menu (right pane), click the Complete Certificate Request… link.
-
In the Complete Certificate Request wizard, on the Specify Certification Authority Response page, do the following, and then click OK :
filename containing Click the … box and browse and select the .cer file The certificate authority's response: (eg yourdomain_com.cer ) DigiCert sends you. Friend name: Type a friendly name for the certificate. The friendly name is not part of the certificate; instead it is used to identify the certificate. We recommend adding DigiCert and the expiration date to the end of your friendly name, for example: yoursite-digicert-(expiration date). This information helps identify the issuer and expiration date for each certificate. It also helps distinguish multiple certificates with the same domain name. Choose a certificate store Select Web Hosting in the drop-down list . for the new certificate: -
Now that you have successfully installed your SSL certificate, you need to assign the certificate to the appropriate site.
Assign SSL Certificate
-
In Internet Information Services (IIS) Manager , in the Connections menu tree (left pane), expand the name of the server where the certificate was installed. Then expand Sites and click the site for which you want to use the SSL certificate to secure it.
-
On the website's Home page, in the Actions menu (right pane), under Edit Site , click the Links… link.
-
Click Add in the Site Bindings window .
-
In the Add Site Bindings window, do the following and then click OK :
Medicine: Select https in the dropdown list . IP address: Select the IP address of the site in the drop-down list or select All Unassigned . Port: Type port 443 . The port where the traffic is secured by SSL is port 443. SSL certificate: Select your new SSL certificate from the drop-down list (eg yourdomain.com ). -
Your SSL certificate is now installed and the website is configured to accept secure connections.
(Multiple Certificates) How do you install your SSL certificates and configure the server to use them using SNI?
This instructable explains how to install multiple SSL certificates and assign them using SNI. The process is divided into two parts as follows:
Install First SSL Certificate
Do this first set of instructions only once for the first SSL certificate.
-
On the server where you created the CSR, save the SSL certificate .cer file (eg your_domain_com.cer ) that DigiCert sent you .
-
Type and open Internet Information Services (IIS) Manager in the Windows start menu .
-
In Internet Information Services (IIS) Manager , in the Connections menu tree (left pane), locate and click the server name.
-
On the Server name Home page (middle pane), in the IIS section, double-click Server Certificates .
-
On the Server Certificates page (middle pane), in the Actions menu (right pane), click the Complete Certificate Request… link.
-
In the Complete Certificate Request wizard, on the Specify Certification Authority Response page, do the following, and then click OK :
filename containing Click the … box and browse and select the .cer file The certificate authority's response: (eg yourdomain_com.cer ) DigiCert sends you. Friend name: Type a friendly name for the certificate. The friendly name is not part of the certificate; instead it is used to identify the certificate. We recommend adding DigiCert and the expiration date to the end of your friendly name, for example: yoursite-digicert-(expiration date). This information helps identify the issuer and expiration date for each certificate. It also helps distinguish multiple certificates with the same domain name. Choose a certificate store Select Web Hosting in the drop-down list . for the new certificate: -
Now that you have successfully installed your SSL certificate, you need to assign the certificate to the appropriate site.
-
In Internet Information Services (IIS) Manager , in the Connections menu tree (left pane), expand the name of the server where the certificate was installed. Then expand Sites and click the site for which you want to use the SSL certificate to secure it.
-
On the website's Home page, in the Actions menu (right pane), under Edit Site , click the Links… link.
-
Click Add in the Site Bindings window .
-
In the Add Site Bindings window, do the following and then click OK :
Medicine: Select https in the dropdown list . IP address: Select the IP address of the site in the drop-down list or select All Unassigned . Port: Type port 443 . The port where the traffic is secured by SSL is port 443. SSL certificate: Select your new SSL certificate from the drop-down list (eg yourdomain.com ). -
Your first SSL certificate is now installed and the website is configured to accept secure connections.
Install Additional SSL Certificates
Repeat the steps below as needed to install and assign each additional SSL certificate.
-
On the server where you created the CSR, save the SSL certificate .cer file (eg your_domain_com.cer ) that DigiCert sent you .
-
Type and open Internet Information Services (IIS) Manager in the Windows start menu .
-
In Internet Information Services (IIS) Manager , in the Connections menu tree (left pane), locate and click the server name.
-
On the Server name Home page (middle pane), in the IIS section, double-click Server Certificates .
-
On the Server Certificates page (middle pane), in the Actions menu (right pane), click the Complete Certificate Request… link.
-
In the Complete Certificate Request wizard, on the Specify Certification Authority Response page, do the following, and then click OK :
filename containing Click the … box and browse and select the .cer file The certificate authority's response: (eg yourdomain_com.cer ) DigiCert sends you. Friend name: Type a friendly name for the certificate. The friendly name is not part of the certificate; instead it is used to identify the certificate. We recommend adding DigiCert and the expiration date to the end of your friendly name, for example: yoursite-digicert-(expiration date). This information helps identify the issuer and expiration date for each certificate. It also helps distinguish multiple certificates with the same domain name. Choose a certificate store Select Web Hosting in the drop-down list . for the new certificate: -
Now that you have successfully installed your SSL certificate, you need to assign the certificate to the appropriate site.
-
In Internet Information Services (IIS) Manager , in the Connections menu tree (left pane), expand the name of the server where the certificate was installed. Then expand Sites and click the site for which you want to use the SSL certificate to secure it.
-
On the website's Home page, in the Actions menu (right pane), under Edit Site , click the Links… link.
-
Click Add in the Site Bindings window .
-
In the Add Site Bindings window, do the following and then click OK :
Medicine: Select https in the dropdown list . IP address: Select the IP address of the site in the drop-down list or select All Unassigned . Port: Type port 443 . The port where the traffic is secured by SSL is port 443. Hostname: Type the hostname you want to secure. Require server Check this box after entering the hostname. Name Display: This is required for all additional certificates/sites after installing the first certificate and securing the primary site. SSL certificate: Select an additional SSL certificate from the drop-down list (eg yourdomain2.com ). -
You have successfully installed another SSL certificate and configured the website to accept secure connections.