How to Install Certificates on Microsoft IIS 8.x
This article will go into detail on how to install certificates on Microsoft IIS 8.x.
- Open the ZIP file containing your certificate. Save the file named your_domain_name.cer to the desktop of the web server you are securing.
- From the Start screen, click or search for Internet Information Services (IIS) Manager and open it.
- Click on the server name.
- From the center menu, double-click the "Server Certificates" button in the "IIS" section (it is in the middle of the menu).
- From the "Actions" menu (on the right), click on "Complete Certificate Request..." This will open the Complete Certificate Request wizard.
- Browse to your_domain_name.cer file that was provided to you. You will then be required to enter a friendly name. The friendly name is not part of the certificate itself, but is used by the server administrator to easily distinguish the certificate. Choose to place the new certificate in the Personal certificate store.
- Clicking "OK" will install the certificate to the server.
- Once the SSL Certificate has been successfully installed to the server, you will need to assign that certificate to the appropriate website using IIS.
- From the "Connections" menu in the main Internet Information Services (IIS) Manager window, select the name of the server to which the certificate was installed.
- Under "Sites," select the site to be secured with SSL.
- From the "Actions" menu (on the right), click on "Bindings..." This will open the "Site Bindings" window.
- In the "Site Bindings" window, click "Add..." This will open the "Add Site Binding" window.
- Under "Type" choose https. The IP address should be the IP address of the site or All Unassigned, and the port over which traffic will be secured by SSL is usually 443. The "SSL Certificate" field should specify the certificate that was installed in step 7.
- Click "OK."
- Your SSL certificate is now installed, and the website configured to accept secure connections.
How to install and configure your SSL Certificate on Windows Server 2012 - IIS 8 and Windows Server 2012 R2 - IIS 8.5 (Multiple Certificates Using SNI)
- Open the ZIP file containing your certificate. Save the file named your_domain_name.cer to the desktop of the web server you are securing.
- From the Start screen, click or search for Internet Information Services (IIS) Manager and open it.
- Click on the server name.
- From the center menu, double-click the "Server Certificates" button in the "IIS" section (it is in the middle of the menu).
- From the "Actions" menu (on the right), click on "Complete Certificate Request..." This will open the Complete Certificate Request wizard.
- Browse to your_domain_name.cer file that was provided to you. You will then be required to enter a friendly name. The friendly name is not part of the certificate itself, but is used by the server administrator to easily distinguish the certificate. Choose to place the new certificate in the Personal certificate store.
- Clicking "OK" will install the certificate to the server.
Note: There is a known issue in IIS 8 giving the following error: "Failed to remove the certificate" If this is the same server that you generated the CSR on then, in most cases, the certificate is actually installed. Simply cancel the dialog and press "F5" to refresh the list of server certificates. If the new certificate is now in the list, then it did install to the server, but you may want to check and make sure the certificate is in the Web Hosting certificate store. If it is not in the list, you will need to reissue your certificate using a new CSR. After creating a new CSR, login to your account and click the replace button for your certificate.
- Once the SSL Certificate has been successfully installed to the server, you will need to assign that certificate to the appropriate website using IIS.
- From the "Connections" menu in the main Internet Information Services (IIS) Manager window, select the name of the server to which the certificate was installed.
- Under "Sites," select the site to be secured with SSL.
- From the "Actions" menu (on the right), click on "Bindings..." This will open the "Site Bindings" window.
- In the "Site Bindings" window, click "Add..." This will open the "Add Site Binding" window.
- Under "Type" choose https. The IP address should be the IP address of the site or All Unassigned, and the port over which traffic will be secured by SSL is usually 443. The "SSL Certificate" field should specify the certificate that was installed in step 7.
- Click "OK."
- Your first SSL certificate is now installed, and the website configured to accept secure connections.
- Repeat the steps for creating a CSR for your 2nd+ site.
- Install the certificate file as mentioned above, up through step 12.
- Under "Type" choose https. The IP address should be the IP address of the site or All Unassigned, and the port over which traffic will be secured by SSL is usually 443. Enter the host name you will be securing and check the box that says Require Server Name Indication. This is required for all additional sites (not required on the primary site as shown in step 13) The "SSL Certificate" field should specify the certificate that was installed in step 7 for your additional certificate.
- Click "OK."
- Your second SSL certificate is now installed, and the website configured to accept secure connections.
- Repeat steps sixteen through nineteen to set up any other additional sites.