Archive for the ‘Windows 2008’ Category

Windows 2008 IIS7 Self Signing Certs

Windows 2008 Self Signing Certs (IIS7)

Before binding SSL rules to our new site, we need to first import and setup a security certificate to use with the SSL binding.

  1.  Certificates are managed in IIS 7.0 by clicking the root machine node in the left-hand tree-view explorer, and then selecting the “Server Certificates” icon in the feature pane on the right:
  2. This will then list all certificates registered on the machine, and allow you to optionally import and/or create new ones.
  3. I could optionally go to a certificate authority like Verisign and purchase a certificate to import using this admin UI.  Alternatively, I can create a “self-signed certificate” which is a test certificate that I can use during the development and testing of my site.  To-do this, click the “Create Self-Signed Certificate” link on the right-hand side of the admin tool:
  4. Enter a name to use for the certificate (for example: “test”) and hit ok.  IIS7 will then automatically create a new self-signed crypto certificate for you and register it on the machine:

Self-signed SSL Certificates on IIS7 and Common Names

  1. Copy SelfSSL.exe to local computer.  (Download this file from the Internet.)
  2. Create the Self-Signed Certificate using the Wizard. (Done above)
  3. Run this command on the server to change the Site ID (Issued To, Issued By) SelfSSL / /K:1024 /V:365 /S:1 /P:443
  4. Test new Cert and install the Cert when prompted.  (If needed, go to the SitesàSitename, and then click on Bindings and add the https: and associate it with the new Cert.)