Skip to content
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads
Bots!

Install Server Certificate for IIS 6 or 5

Rumi, May 8, 2011May 8, 2011

The following document is partly based on this Microsoft document: How to Import a Server Certificate for Use in Internet Information Services 5.0 (Q232137)

  1. Add Certificates snap-in to MMC
    1. Click Start, and then click Run.
    2. Type "MMC.EXE" (without the quotation marks) and click OK.
    3. Click Console in the new MMC you created, and then click Add/Remove Snap-in.
    4. In the new window, click Add.
    5. Highlight the Certificates snap-in, and then click Add.
    6. Choose the Computer account option and click Next.
    7. Select Local Computer on the next screen, and then click Finish.
    8. Click Close, and then click OK.
    9. You have now added the Certificates snap-in, which will allow you to work with any certificates in your computer's certificate store. You may want to save this MMC for later use.
  2. Import server certificate to computer's certificate store

    1. Expand the Certificates (Local Computer) snap-in tree and navigate to Personal, and then Certificates.
      Note: Certificates may not be listed. If it is not, that is because there are no certificates installed.
    2. Right-click Certificates (or Personal if that option does not exist.)
    3. Choose All Tasks, and then click Import.
    4. When the wizard starts, click Next. Browse to the *.p12 file you received from CUHK CA. This file contains your server certificate and private key. Click Next.
    5. Enter the PKCS12 password of the *.p12 file.
      Note: Click here if you forgot the password. (Please login with your Computing ID. You can only review those server certificate applied by yourself.)
    6. Be sure the Mark the private key as exportable option is selected if you want to be able to export the key pair again from this computer. As an added security measure, you may want to leave this option unchecked to ensure that no one can make a backup of your private key.
    7. Click Next, and then choose the Certificate Store you want to save the certificate to. You should select Personal because it is a Web server certificate.
    8. Click Next, then click Finish. You will now see the server certificate for your Web server, and 4 other CUHK CA certificates in the list of Personal Certificates. It will be denoted by the common name of the server (e.g. www.somedept.cuhk.edu.hk).
    9. If you want to enable authentication with client certificate in your IIS, continue with the next step. Otherwise, you may skip to the next section.
    10. Click this link: CUHK Root CA (2000).
    11. In the File Download dialog box, where you're asked if you would "like to open the file or save it to your computer", choose Open (or Open this file from its current location in IE).
    12. A Certificate dialog box will be opened, click Install Certificate …
    13. Click Next, then choose "Place all certificates in the following store", then click Browse.
    14. In the newly opened window, click the Show physical stores checkbox, then expand Trusted Root Certification Authorities from the tree above, and select Local Computer.
    15. Click OK, Next, and Finish.
    16. Click OK twice to close all certificate import dialog boxes.
  3. Configure IIS to enable SSL

    1. Now that you have the certificate imported into the certificate store, you can enable Internet Information Services 5/6 to use that certificate (and the corresponding private key). To do this, perform the following steps.
    2. Open the Internet Services Manager (under Administrative Tools) and navigate to the Web site you want to enable secure communications (SSL/TLS) on.
    3. Right-click on the site (usually Default Web Site) and click Properties.
    4. Click the Directory Security tab.
    5. Under the Secure Communications section, click Server Certificate.
    6. This will start the Web Site Certificate Wizard. Click Next.
    7. Choose the Assign an existing certificate option (or Replace the current certiicate for renewal) and click Next.
    8. You will now see a screen showing that contents of your computer's personal certificate store. Highlight your Web server certificate (denoted by the common name, e.g. www.dept.cuhk.edu.hk), and then click Next.
    9. You will now see a summary screen showing you all the details about the certificate you are installing. Be sure that this information is correct or you may have problems using SSL or TLS in HTTP communications.
    10. Click Next, and then click Finish to exit the wizard.
    11. You will now back to the Web Site Properties window. Click Edit…
    12. Click Require secure channel (SSL) if you want to restrict users to access your site with https, and not http any more.
    13. Click OK twice.
    14. You should now be able to use a browser to connect to your web server via https.
 
Administrations Configurations (Windows) PKI

Post navigation

Previous post
Next post

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Myself…

Hi, I am Hasan T. Emdad Rumi, an IT Project Manager & Consultant, Virtualization & Cloud Savvyfrom Dhaka, Bangladesh. I have prior experience in managing numerous local and international projects in the area of Telco VAS & NMC, National Data Center & PKI Naitonal Root and CA Infrastructure. Also engaged with several Offshore Software Development Team.

Worked with Orascom Telecom-Banglalink, Network Elites as VAS partner, BTRC, BTT (Turkey) , Mango Teleservices Limited and Access to Informaiton (A2I-UNDP)

Currently working at Oracle Corporation as Principal Technology Solution and Cloud Architect.

You can reach me [h.t.emdad at gmail.com] and I will be delighted to exchange my views.

Tags

Apache Bind Cacti CentOS CentOS 6 CentOS 7 Debain Debian Debian 10 Debian 11 Debian 12 DKIM Docker endian icinga iptables Jitsi LAMP Letsencrypt Linux Munin MySQL Nagios Nextcloud NFS nginx pfsense php Postfix powerdns Proxmox RDP squid SSH SSL Ubuntu Ubuntu 16 Ubuntu 18 Ubuntu 20 Varnish virtualbox vpn Webmin XCP-NG zimbra

Topics

Recent Posts

  • Install Jitsi on Ubuntu 22.04 / 22.10 April 30, 2025
  • Key Lessons in life April 26, 2025
  • Create Proxmox Backup Server (PBS) on Debian 12 April 19, 2025
  • Add Physical Drive in Proxmox VM Guest April 19, 2025
  • Mount a drive permanently with fstab in Linux April 16, 2025
  • Proxmox 1:1 NAT routing March 30, 2025
  • Installation steps of WSL – Windows Subsystem for Linux March 8, 2025
  • Enabling Nested Virtualization In Proxmox March 8, 2025
  • How to Modify/Change console/SSH login banner for Proxmox Virtual Environment (Proxmox VE / PVE) March 3, 2025
  • Install Proxmox Backup Server on Debian 12 February 12, 2025

Archives

Top Posts & Pages

  • Install Jitsi on Ubuntu 22.04 / 22.10
©2025 Bots! | WordPress Theme by SuperbThemes