Select Page

Installing an SSL Certificate on Windows 2012

Installing an SSL Certificate on Windows 2012

As I’m sure you know if you’re reading this, SSL certificates protect your website visitor’s personal information by encrypting anything they type into your website when connected via HTTPS rather than HTTP which is unencrypted.

If you’re taking credit card information or allowing users to login into your site with a password then HTTPS is a must.  Even if you’re only taking contact information or an email address for a newsletter, securing the connection between your site and your visitor is good practice.

Then there’s GDPR – see here – we’re you could also be held accountable for protecting your visitor’s information.

Put all that together with the fact the Google’s Chrome warns users if your website is unsecured and takes information then spending a little time (and money) on an SSL certificate is a good investment.

Generating a Certificate Signing Request (CSR)

This sounds pretty complicated but all we’re doing is creating a file which holds our website details which we’ll later use to buy a certificate.

1. Open the Internet Information Services Manager (note – not version 6 if you have both installed).

image

2. Click on the server name.

image

3. Double click the Server Certificates icon.

image

4. Under the actions Heading on the right of the screen, click Create Certificate Request.

image

5. Fill in all the requested information above.  Note that the Common Name field is the name of your website that you want to secure – such as www.mywebsite.com then click the [Next] button.

image

6. For standard SSL certificates leave the Cryptographic service provider set to Microsoft RSA and change the Bit length to 2048 as shown then click the [Next] button.

image

7. Finally, enter a name for your CSR file and click finish.  The file by default will be stored in your my documents folder.

Getting Your Certificate

The exact process when buying your certificate varies slightly from vendor to vendor.  I use Namecheap – note no affiliate link, or LetsEncrypt.

Namecheap is easier for those new to SSL certificates but LetsEncrypt is free.  The main difference apart from the price is that you can buy an SSL certificate from Namecheap for 1,2 or 3 years, where with a LetsEncrypt certificate you have to renew every 3 months.

The main process for most vendors is :

1. Type in your details.

2. Copy and paste the text from the CSR.

3. Confirm how to verify you own the domain name (usually via email).

4. Pay.

5. Receive an email from vendor with a link to confirm you are who you say you are.

6. Certificate is emailed to you.

As I said, the exact process may vary slightly but hopefully you get the idea – and see it’s not too hard.

Installing The Certificate

After receiving the certificate it now needs installing on the server.

1. Upload the file to the server however you choose.

2. Open the Internet Information Services Manager (again not version 6 if you have both installed).

image

2. Click on the server name.

image

3. Double click the Server Certificates icon.

image

4. Under the actions Heading on the right of the screen, click Complete Certificate Request.

image

5. Select your uploaded certificate file.

image

6. Enter a friendly name, i.e. the website name and then click the [OK] button.

Bind Your Certificate to a Website

OK, so we’ve generated a CSR, bought the certificate and installed the certificate.  Is that it?  Not quite.  There is one thing more to do.  We need to bind the certificate to a specific website.

1. In the IIS Manager right click the website and select Edit Bindings.

image

2. Click the [Add] button.

image

3. Change the Type to HTTPS.

image

4. Enter the name of your website

image

5. Select the SSL certificate and click the [OK] button.

image

That’s it.  You’re done.  How easy was that?

Leave a reply