To create a server certificate, perform the following steps:
NOTE: You must be an administrator to complete the following steps.
- On the computer where the Web site will reside, browse to your certificate server's Web pages (usually located at http://servername/certsrv, where servername is the name of the server hosting IIS and the certificate server).
- Choose Request a Certificate, and then click Next.
- Choose Advanced Request, and then click Next.
- Choose Submit a Certificate Request to This CA Using a Form, and then click Next.
- Under Identifying Information, in the Name field, choose a common name for the Web site.
For example, if users will type "https://server" into their browser, then the common name would be "server." However, if the user will contact your site using "https://www.server.com," then the common name will need to reflect this by using "www.server.com" as the server name.
- For the rest of the information under Identifying Information, follow the instructions for e-mail, company, and so on.
- In the Intended Purpose section, choose Server Authentication Certificate from the drop-down list.
- In the Key Options section, leave everything at the defaults, but click to enable the Use Local Machine Store option.
- Be sure to enable the Mark Private Key as Exportable check box if you want to backup this key pair later (recommended). If you do not do this, you will not have the option to export the private key at a later time (only the public key).
- Click Submit.
- When you are prompted to Install the Certificate, do so. This adds the certificate to your certificate store (the local computer store).
- Open the Internet Services Manager (or custom MMC containing IIS) and navigate to the site where you want to enable secure communications.
- Right-click on the Web site and choose Properties.
- On the properties page for the site, click the Directory Security tab.
- Click Server Certificate.
- When the Web Server Certificate Wizard appears, click Next.
- Choose Assign an Existing Certificate, and then click Next.
- In the list, choose the certificate that you added to the store using the Certificate Web Forms, and then click Next.
- When the summary screen appears, showing you the certificate you are about to bind to the Web site, make sure the information is correct. If everything looks good, click Next.
- Click Finish to close the wizard.
- Test your site to make sure you can access it using an https request (for example, https://common name).
For more information, see the Internet Information Services 5.0 online documentation, which can be found at http://localhost/IISHelp (the default path).
Article ID: 248107 - Last Review: Jun 19, 2014 - Revision: 1