Install and Configure Your SSL Certificate in IIS 7 on Windows Server 2008

How to install your SSL certificate and configure the server to use it

1, On the server where you created the CSR, save the SSL certificate .cer file (e.g., your_domain_com.cer) that you received from the certificate authority.
2. Open Internet Information Services (IIS) Manager (click Start > Administrative Tools > Internet Information Services (IIS) Manager).
3. In the Connections pane, locate and click the server.
4. In the server Home page (center pane) under the IIS section, double-click Server Certificates.

530
  1. In the Actions menu (right pane), click In the Actions menu (right pane), click Complete Certificate Request.
530
  1. In the Complete Certificate Request wizard, on the Specify Certificate Authority Response page, provide the following information:

    • File name containing the certificate authority's response: Click the … button to locate the .cer file you received from the CA (e.g., your_domain_com.cer).
    • Friendly name: Type a friendly name for the certificate. This is not part of the certificate; instead, it is used to identify the certificate.

    Note: We recommend that you add the issuing CA and the expiration date to the end of your friendly name; for example, yoursite-authority-(expiration date). Doing this helps identify the issuer and expiration date for each certificate and also helps distinguish multiple certificates with the same domain name.

530
  1. Click OK to install the certificate.

Note: There is a known issue in IIS 7 where the following message is displayed: "Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created." You may also receive a message stating: "ASN1 bad tag value met."

If this is the server where you generated the CSR, it's possible the certificate is actually installed and the message can be ignored. Simply click OK, then close and reopen Internet Information Services (IIS) Manager to refresh the list of server certificates. The new certificate should appear in the Server Certificates list, and you can continue with the next step.

  1. Now that you've successfully installed your SSL certificate, you need to configure your site to use it.

Assign Your SSL Certificate

  1. In Internet Information Services (IIS) Manager, in the Connections pane, expand the name of the server on which the certificate was installed. Then expand Sites and click the site you want to secure using the SSL certificate.
  2. In the Actions menu (right pane), click Bindings.
530
  1. In the Site Bindings window, click Add.
471
  1. In the Add Site Binding window, do the following and then click OK.

    • Type: In the drop-down list, select https.
    • IP address: In the drop-down list, select the IP address of the site or select All Unassigned.
    • Port: Type 443. (SSL uses port 443 to secure traffic.)
    • SSL Certificate: In the drop-down list, select your new SSL certificate (e.g., yourdomain.com).
406
  1. Your SSL certificate is now installed, and the website is configured to accept secure connections.
471