According to Google, websites with SSL certificate enabled will offer better performance and advantage in search engines as compared to insecure websites (HTTP). SSL certificate basically encrypts online credentials passing between the browser and the server.
With respect to website security, it is necessary to purchase an SSL certificate according to business requirements and install it on the server. In this article, we will talk about the installation of an SSL certificate on Windows Server but for that, you need to take the help of the IIS (Internet Information Service) server and need to create CSR (certificate signing request) and installation via IIS.
How to Generate a CSR for Microsoft IIS
- Open Internet IIS Manager
To open IIS, browse Start >Control Panel>System and Security>Administrative Tools> Internet Information Services (IIS) Manager.
Now, choose server name from left side of the screen found under Connection menu then, click on Server Certificate icon in the center of the window.
- Create a New Certificate
After that, click on Certificate Request under Action menu found on right side of the IIS window.
- Enter your CSR details
You will have a window naming Distinguished Name Properties where you need to fill the required details.
- Select a cryptographic service provider and bit length
Under Cryptographic Service Provider Properties box, select 2048-bit private key length.
- Save the CSR
Now, you have CSR and can save it on desired location like desktop/server with a .txt file extension.
Finally, click on the Finish button.
- Generate the Order
The CSR will look as follows:
—–BEING CERTIFICATE REQUEST—–
—–END CERTIFICATE REQUEST—–
How to Install an SSL/TLS Certificate in Microsoft IIS
After creating CSR, it is time to install SSL on IIS server. Once you submit CSR to your SSL provider and complete the configure process, you will have a zip file that contains the main certificate, root, and intermediate certificate. You need to save it on the desktop with your_domain_name_cer name.
Open IIS Manager
You need to open IIS manager again and click on the Connection menu on left side of the window and click on the Server Certificate icon showing in the center of the window.
Click Complete Certificate Request
Now click on Action menu on right side of the window and click on Complete Certificate Request.
You will have now Complete Certificate Request wizard where you need to choose the received certificate file. Keep friendly name to your certificate and select Personal to store certificate. Then click OK.
You can see your certificate in the server certificate list.
It is time to assign your certificate to the website.
Again, browse to Connection menu showing on left side of IIS window and search for server name>website folder, in which you need to select site for which you need to bind a certificate.
Now, click on the Action menu and select Bindings showing on right side of the IIS window.
You will have Site Bindings window just click on Add button on right side.
You will have Add Site Binding windows where you need to add below details:
- Type – select “https” from the drop-down menu.
- IP Address – Select “All Unassigned.” Or select suitable IP in case of multiple IP addresses.
- Port – Enter “443” unless.
- SSL Certificates – Choose the “friendly name” of the installed SSL certificate.
- Click OK button.
You should use SSL checker to check installed SSL. If the installation is properly completed, then you will have HTTPS before domain names like https://www.domain1.com or https://domain1.com