According to Google, websites with SSL certificate enabled will offer better performance and advantages in search engines as compared to insecure websites (HTTP). SSL certificate basically encrypts online credentials passing between the browser and the server.
With respect to website security, it is necessary to purchase an SSL certificate according to business requirements and install it on the server. You may be used to registrars like Namecheap offering domain names for your next great business idea, but surprisingly you can pick up SSL solutions on their website too. In this article, we will talk about the installation of an SSL certificate on Windows Server, but for that, you need to take the help of the IIS (Internet Information Service) server and need to create CSR (certificate signing request) and installation via IIS.
How to Generate a CSR for Microsoft IIS
- Open Internet IIS Manager
To open IIS, browse Start >Control Panel>System and Security>Administrative Tools> Internet Information Services (IIS) Manager.
Now, choose server name from left side of the screen found under Connection menu then, click on Server Certificate icon in the center of the window.
- Create a New Certificate
After that, click on Certificate Request under the Action menu found on right side of the IIS window.
- Enter your CSR details
You will have a window naming Distinguished Name Properties where you need to fill the required details.
- Select a cryptographic service provider and bit length
Under the Cryptographic Service Provider Properties box, select 2048-bit private key length.
- Save the CSR
Now, you have CSR and can save it on the desired location like desktop/server with a .txt file extension.
Finally, click on the Finish button.
- Generate the Order
The CSR will look as follows:
—–BEING CERTIFICATE REQUEST—–
—–END CERTIFICATE REQUEST—–
How to Install an SSL/TLS Certificate in Microsoft IIS
After creating CSR, it is time to install SSL on the IIS server. Once you submit CSR to your SSL provider and complete the configure process, you will have a zip file that contains the main certificate, root, and intermediate certificate. You need to save it on the desktop with your_domain_name_cer name.
Open IIS Manager
You need to open IIS manager again and click on the Connection menu on left side of the window and click on the Server Certificate icon showing in the center of the window.
Click Complete Certificate Request
Now click on the Action menu on the right side of the window and click on Complete Certificate Request.
You will have now a Complete Certificate Request wizard where you need to choose the received certificate file. Keep a friendly name to your certificate and select Personal to store the certificate. Then click OK.
You can see your certificate in the server certificate list.
It is time to assign your certificate to the website.
Again, browse to the Connection menu showing on the left side of the IIS window and search for server name>website folder, in which you need to select a site for which you need to bind a certificate.
Now, click on the Action menu and select Bindings showing on the right side of the IIS window.
You will have Site Bindings window just click on Add button on right side.
You will have Add Site Binding windows where you need to add below details:
- Type – select “HTTPS” from the drop-down menu.
- IP Address – Select “All Unassigned.” Or select suitable IP in case of multiple IP addresses.
- Port – Enter “443” unless.
- SSL Certificates – Choose the “friendly name” of the installed SSL certificate.
- Click the OK button.
You should use an SSL checker to check installed SSL. If the installation is properly completed, then you will have HTTPS before domain names like https://www.domain1.com or https://domain1.com