Creating certificates in IIS
Create Certificate in IIS
1. Logon to T1Hi, remote desktop to the server you want to create a certificate.
2. Left click on server, all the available icons will show on the right hand side panel.
3. Under IIS double click on server certificate. => in right hand side panel click Create certificate request.
4. Fill out the certificate request form with the following information:
- Common Name: the url of the site. Make sure you put dev- if it is for a test site.
- Organization: WSU
- Organization Unit: CAHNRS
- City: Pullman
- State: WA
- Country: US
5 =>Next
- Cryptographic Service provider properties: use default
- Bit length: change to 2048 6. => Next File name: CSR_YourApplicationName (CSR_dev_YourApplicationName for test site). Click on ellipses and specify where you want to put the certificate. A good place to put the certificate is E:\htmldocs\YourApplicationName
Send generated certificate for approval
1. Logon to LastPass, search cert-manager.com
2. Launch cert-manager (In-Common Certificate Manager). User the email and access code in cert-manager to sign in to In-Common.
3. Fill out the followings:
- Certificate type: use default
- Certificate Term: 3 years
- Server Software: Microsoft IIS5x or later
- CSR: copy and paste the certificate you saved in server E:\htmldocs\YourApplicationName
- Common name: Your Application URL
- Renew: auto renew 30 days before expiration The renewal password is in LastPass Certi-manager
On top part of the page, click the link to edit address detail. Remove Hulbert room 303. 4. Click Enroll to request the certificate.
You will receive email from Certificate Services Manager indicating your request is waiting for approval.
Attach Signed Certificate to web siteApplication
1. In a day or two, you will receive another email from Certificate Services Manage indicating your SSL certificate enrollment is successful and is ready.
2. There are different formats of the certificate. Download the "X509 Certificate Only, Base 64 encoded: " version. Save the certificate in E:\htmldocs\YourApplicationName
3. Sign on to T1Hi, remote desktop to the server. In IIS, right hand side panel click on Complete certificate request. Fill out the form.
- File name containing the certificate authority's response: e:\htmldocs\YourApplicaitonName signed Certificate.
- Friendly Name: Your Application Name (no dev- for test) Certificate will add to the server certificates.
4. Right Click on site, edit binding =>Add=> Your application site https: ip: port: 443 Host Name: url of the site check on "Request server name..." 5. DONE