SSL certificates are how websites and services obtain verification for the encryption of data sent between themselves and their customers. They can also be used to check if you are connected to the service you want to connect to. that a secure connection requires if you are providing a website or service , you may want to install an SSL certificate to verify your authenticity.
We can able to install the SSL certificate in different ways such as by using
Using Microsoft Internet Information Services (IIS)
Here we are using Microsoft Internet Information Services (IIS) for installing the ssl certificate.
Create a Certificate Signing Request (CSR). Before you can purchase and install an SSL certificate, you must create a CSR on your server. This file contains your server and public sensitive information, which is required to create a private key. You can create a CSR in IIS8 with a few clicks of the mouse
- Open Server Manager
- Click Tools and select Internet Information Services (IIS) Manager.
Under the connection list, select the workstation where you will install the certificate.
- Open the Server Certificates tool.
- At the bottom of the list of actions, click the Create Certificate Request link in the upper-right corner.
- Fill out the Request Certificate Guide information. You must enter your two-digit country code, state or province, town or city name, full company name, division name and common name (usually domain name).
- Leave the default “Cryptographic Service Provider”.
- Set the bit length to 2048.
- Name the certificate request file. The file name is not a bar until you find it in your files.
- Order your SSL certificate. There are many services online that provide SSL certification. Be sure to order only from a reputable service as you and your customer’s safety are at risk. Popular services like Digicert, Symantec, Global Sign and many more. The best service for you will vary depending on your needs i.e. multiple certifications, organizational solutions, etc.
You must upload your CSR file to the Certification Service when you order. This will be used to create a certificate for your server. Some providers will copy the contents of the CSR file for you, while others will upload the file.
- Download your certificates
You have to download intermediate certificates from the service where you purchased your certificates. You will receive your primary certificate via email or through the customer section of the website.
- Rename the primary certificate as “yoursitename.cer”.
- Reopen the Server Certification Tool in IIS. From here, click on the “Complete Certificate Request” link below the “Create Certificate Request” link that you clicked to create a CSR.
- Browse for the certificate file. Once you find it on your computer, you should use a “friendly name” for it, which is a quick name to find the certificate on your server. Store the certificate in the “Personal” store and then Click OK to install the certificate.
- Your certificate will appear in the list. If not, make sure you are using the same server that created the CSR.
- Bind the certificate with your website. Now that the certificate is installed, you need to link it to the website you want to protect. Expand the “Sites” folder in the Links list and then click on the website.
- Click the Links link in the Actions list
- In the Site Binding window that appears, click the Add button.
- Select “https” from the “Type” drop-down menu and select your installed certificate from the “SSL Certificate” drop-down menu.
- Press OK and Close
- Install intermediate certificates. Locate the intermediate certificates you downloaded from the certificate issuer. Some providers offer more than one certificate to be installed, while others have only one. Copy these certificates to a separate folder on your server.
- Once the certificates have been copied to the server, double-click it to open the certificate details.
- Click the General tab. Click the “Install Certificate” button at the bottom of the window.
Select “Keep all certificates in the following certificate” and browse the local store. You can see this by checking the “Show physical fire stores” box, selecting Intermediate Certificates, and clicking on your local computer.
- Restart IIS
You must restart your IIS server to begin distributing certificates. To restart IIS, click Start and select Run. Type “IISREset” and press Enter. The command prompt will appear and display the status of the IIS restart.
Test your certificate. Use different web browsers to check if your certificate is working properly. Connect to your website using “https: //” to force SSL connection. You should usually see a padlock icon in your address bar, usually with a green background.