SSL

From Prodigix Wiki
Jump to navigation Jump to search


Log into client server as Administrator!!!

--Generate CSR

- From the Start screen, click or search for Internet Information Services (IIS) Manager and open it.

- Click on the server name.

- From the center menu, double-click the "Server Certificates" button in the "IIS" section (it is in the middle of the menu).

- Next, from the "Actions" menu (on the right), click on "Create Certificate Request..." This will open the Request Certificate wizard.

- In the "Distinguished Name Properties" window, enter the information as follows:

1.Common Name - The name through which the certificate will be accessed (usually the fully-qualified domain name, e.g., www.domain.com or mail.domain.com).

2.Organization - The legally registered name of your organization/company.

3.Organizational unit - The name of your department within the organization (frequently this entry will be listed as "IT," "Web Security," or is simply left blank).

4.City/locality - The city in which your organization is located.

5.State/province - The state in which your organization is located.

6.Country/region - If needed, you can find your two-digit country code in our list.

- Click Next.

- In the "Cryptographic Service Provider Properties" window, enter the following information and then, click Next

1. Cryptographic service provider - In the drop-down list, select Microsoft RSA SChannel..., unless you have a specific cryptographic provider.
2. Bit length - In the drop-down list, select 2048 (or higher).

- Click the ... box to browse to a location where you want to save the CSR file. If you just enter a filename without browsing to a location, your CSR will end up in C:\Windows\System32.

Remember the filename that you chose and the location to which you save it. You will need to open this file as a text file and copy the entire body of it (including the Begin and End Certificate Request tags) into the online order process when prompted.


ATTACHING SSL TO DOMAIN ON GODADDY.COM

- Log onto godaddy.com using the client's credentials

- Go to "My Account"

- Scroll down to SSL Certificates and open it up. There should be an SSL available. (NOTE: This certificate MUST be a "Standard SSL," NOT a "Deluxe SSL.") Hit "Launch" on the SSL

- Select "Provide a certificate signing request (CSR)"

- Find the CSR file that you just generated (the "certreq.txt" file in the C:\ drive). Copy and paste it over to the field. Verify after you've pasted it over that the "Domain Name (based on CSR):" is set to the correct domain.

- Check "I agree to the terms and conditions of the Subscriber Agreement." Hit "Request Certificate."

- At this point, the request for the certificate will be pending (it should only be a few minutes). To check the status, go back to "My Account," open up the SSL and click "Launch" on the SSL you attached the CSR to. Then click on "Pending Requests." If the domain is still there, it's still pending. If not, it'll be in the "Certificates" folder.


Install SSL - https://www.digicert.com/ssl-certificate-installation-microsoft-iis-8.htm

- Open the ZIP file containing your certificate. Save the file named your_domain_name.cer to the desktop of the web server you are securing.

- From the Start screen, click or search for Internet Information Services (IIS) Manager and open it.

- Click on the server name.

- From the center menu, double-click the "Server Certificates" button in the "IIS" section (it is in the middle of the menu).

- From the "Actions" menu (on the right), click on "Complete Certificate Request..." This will open the Complete Certificate Request wizard.

- Browse to your_domain_name.cer file that was provided to you by DigiCert. You will then be required to enter a friendly name. The friendly name is not part of the certificate itself, but is used by the server administrator to easily distinguish the certificate. Choose to place the new certificate in the Personal certificate store.

- Clicking "OK" will install the certificate to the server.

- Once the SSL Certificate has been successfully installed to the server, you will need to assign that certificate to the appropriate website using IIS.

- From the "Connections" menu in the main Internet Information Services (IIS) Manager window, select the name of the server to which the certificate was installed.

- Under "Sites," select the site to be secured with SSL.

- From the "Actions" menu (on the right), click on "Bindings..." This will open the "Site Bindings" window.

- In the "Site Bindings" window, click "Add..." This will open the "Add Site Binding" window.

- Under "Type" choose https. The IP address should be the IP address of the site or All Unassigned, and the port over which traffic will be secured by SSL is usually 443. Leave the Host name Blank. The "SSL Certificate" field should specify the certificate that was installed in step 7.

- Click "OK."

Retrieved from "https://wiki.prodigix.com/index.php?title=SSL&oldid=336"