Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

In my previous blog, I wrote about Install, Configure and Run IIS on Windows 2016. In this blog, I will write about SSL certificate related settings.

Please be aware that you need to own a domain name in order to do the procedure below.

Steps:

  1. Apply SSL Certificate from sslforfree.
  2. Complete CSR on IIS.
  3. Bind https on website
  4. Get IIS up and running with HTTS
  5. Export .pfx file from IIS

Let’s get started

Generating CSR from IIS

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Click Create Certificate Request.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Filling your info to generate CSR. NOTE that in the Common name field, fill in the domain name you will be using for SSL.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Usually we pick 1024, 2048, 4096 for encryption strength.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Choose a location to save your CSR file and that’s it.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Content of CSR.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Apply SSL from sslforfree

Please note that you need to register an account to apply for SSL certificate.

Login to your account, click New Certificate.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Input your full domain name, for example, www.yourname.com OR hello.mydomain.com.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Choose basic option, which means you need to renew your SSL every 90 days manually.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Paste the CSR content, including the beginning and ending line.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

For an free account, you can have 3 certificates the most.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

The last step is prove that you owned the domain name as you applied for. There are couple ways to validate your domain name, pick whichever you feel most comfortable.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Follow the instruction to validate your domain name, then click Verify Domain.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Once verified, you can download your SSL certificate.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Un-zip the downloaded folder and you will see two .crt files.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Complete CSR on IIS.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Select the certificate.crt file and give it a name.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS
Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

And there you go, you have successfully install your SSL certificate to your IIS server.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Bind https on website

  1. Click Default Web Site or whichever your web site is.
  2. Click Bindings to bind https to web site.
  3. Only HTTP exists currently, click Add.
  4. Choose HTTPS.
  5. Input exactly the same name as you applied for SSL certificate.
  6. Select the inputed SSL certificate, click OK.
Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Once finished, you will see https appear under Browse Website.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Get IIS up and running with HTTS

Add a record to your Windows hosts file located at C:\Windows\System32\drivers\etc. Once done, save and exit.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Moment of truth, click or browse to your domain name using HTTPS.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

And there you go! We have our IIS running on HTTPS!

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Export .pfx file from IIS

Choose installed SSL certificate and click Export.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Choose your location to save the .pfx file.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

Input your password for .pfx file and click OK.

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

And that’t it! You will see your .pfx file at where you chose to be saved!

Create CSR, Apply SSL Certificate and Configure IIS Running on HTTS

In my next blog, I will be writing how to enforced HTTPS, stay tuned!

AWS Certified SA, SysOps & Developer Associate, Alibaba Cloud certified SA. Focusing on Azure, Prometheus w/ Grafana, ELK and K8S now.