How To Enable SSL on Windows Server?

This article demonstrates how to quickly set up Secure Sockets Layer (SSL) in a Windows 2000 Internet Information Services (IIS) 5.0 development lab environment. This article is divided into three sections:

  • Creating a certificate request
  • Submitting a certificate request 
  • Installing the certificate and setting up an SSL Web site

Creating a Certificate Request


To create a Web server certificate, follow these steps:



  1. Open the Internet Service Manager Microsoft Management Console (MMC). To do this, click Start , point to Programs , point to Administrative Tools , and click Internet Service Manager .
  2. Double-click the server name so that you see all of the Web sites.
  3. Right-click the Web site where you want to install the certificate, and then click Properties .
  4. Click the Directory Security tab. You see three security methods. The one you will use to create a certificate request is Secure Communications .
  5. Click Server Certificate . A Certificate Wizard starts. Click Next to continue.
  6. Select Create a new certificate , and then click Next .
  7. Select Prepare the request now, but send it later and click Next .
  8. Type a name for your certificate, and choose a bit length. Unless it is needed for your lab, do not select the SGC Certificate check box. Click Next to continue.
  9. Type your organization name and the organizational unit (for example, company name and development department). Click Next .
  10. Type either the fully qualified domain name (FQDN) or the server name as the Common Name . If you are creating a certificate that will be used over the Internet, it is preferable to use a FQDN. Click Next .
  11. Enter your location information, and then click Next .
  12. Type the path and file name to save the certificate information to. NOTE: If you enter anything other than the default location and file name, be sure to note the name and location you choose, because you will have to access this file in later steps. Click Next to continue.
  13. Verify the information that you have entered, and then click Next to complete the process and create the certificate request.

 

Submitting a Certificate Request


Submit a certificate request to any certification authority such as Verisign. Once you get your certificate issued, proceed to next section.


Installing the Certificate and Setting Up an SSL Web Site


There are several ways to install and set up an SSL certificate: for example, you can double-click the certificate and use the Certificate Installation Wizard to preinstall the certificate, then bind it to the site. This article desmonstrates how to install the certificate by using the Internet Service Manager MMC through the Web Server Certificate Wizard. To install a certificate in Certificate Server, follow these steps:



  1. Open the Internet Services Manager and expand the server name so that you can view the Web sites.
  2. Right-click the Web site that you created the certificate request for, and click Properties .
  3. Click the Directory Security tab. Under Secure Communications , click Server Certificate .This opens the Certificate Installation Wizard. Click Next to continue.
  4. Select Process the pending request and install the certificate and click Next .
  5. Type the location of the certificate that you got from your certificate authority as described earlier in section two, 'Issuing and Downloading a Certificate', then click Next . The Wizard displays the Certificate Summary. Verify that the information is correct, then click Next to continue.
  6. Click Finish to complete the process.

To configure and test the certificate, following these steps:



  1. On the Directory Security tab, under Secure Communications , note that there are now three available options. To set the Web site to require secure connections, click Edit . The Secure Communications dialog box appears.
  2. Select Require Secure Channel (SSL) , and then click OK .
  3. Click Apply and then OK to close the property sheet.
  4. Browse to the site and verify that it works:

       

    1. Access the site through http by typing http://DomainName.com/file.html in the browser. You receive an error message that resembles the following:

      HTTP 403.4 - Forbidden: SSL required.

    2. Try to browse to the same Web page using a secured connection (https) by typing https://DomainName.com/file.html in the browser. The page should appear.

If you can view the page, you have successfully installed your certificate.


Additional Information on Using Certificates with IIS 5.0 (External Links)


Q232136 HOW TO: Back Up a Server Certificate in Internet Information Services 5.0


Summary: When you use Internet Information Services (IIS) 5.0, you may want to back up your server certificates. Windows 2000 makes this process easy using the new Certificates snap-in.


Q232137 How to Import a Server Certificate for Use in Internet Information Services 5.0


Summary: When you use Internet Information Services (IIS) version 5.0, you may want to restore a server certificate, for example, if you are migrating one Web site to another server in a Web farm. This task is very easy to do using the Web Site Certificate Wizard and the Certificate Manager Import Wizard provided to you by Windows 2000 and IIS 5.0.


Q248107 Creating Server Certificates Using Certificate Services Web


Summary: When you enable secure communications (SSL and Transport Layer Security (TLS)) on an Internet Information Services 5.0 computer, you must first obtain a server certificate. With the integration of certificates in Windows 2000 and the new additions to IIS 5.0, there are several ways to obtain a server certificate.


Q227888 Importing a Key Backup File to Use in Internet Information Services 5.0


Summary: After you install Internet Information Services 5.0, you may want to import a backup key file from an older version of Internet Information Server. This allows you to use the SSL capabilities on your new server (and replace the old one).

  • 18 A felhasználók hasznosnak találták ezt
Hasznosnak találta ezt a választ?

Kapcsolódó cikkek

How to secure windows server? What are best security practices?

This is a guide to increase security for Windows 2000, and is mainly intended for ISP, Web...

My server is behind firewall. What ports do I need to keep open?

If your servers are behind firewall, the following common ports need remain open. IMail...

HC Hangs - Script Time Out

  Question : HC was working fine, but suddenly it has stopped working. When I try to add...

How to protect a directory with login and password with the help of Hosting Controller?

This article guides through the steps needed to create password protected web directories....

I forgot my HC user password, how do I reset the password?

There are two method of resetting password. 1. The password can be refreshed using the...

Powered by WHMCompleteSolution