Windows IIS CSR Certificate Installation
Question
I have a private webserver. I'm trying to install a free SSL Certificate for such webserver. How can I do that? note that later on, I will let external users to access such webserver, so I want to have https with SSL installed, Thanks in advance!
1 answers
solution1
1 2022-07-15 02:28:14
Let's Encrypt is a certificate authority offering a free solution to TLS (Transport Layer Security) encryption for website owners.
Prerequisites
I'm assuming your server is up to date and IIS is already installed.
In addition, you have a top or sub domain, or you have access to their DNS entries. Please add an A record to the IPv4 address of the server and an AAAA record to the IPv6 address of the server in the DNS entries of the domain you want to use.
Required tools
Still, there is no official tool of Let's Encrypt to perform the ACME Challenge on your server. However, since it is an open protocol, there are already many “unofficial” tools, all of which are based on the Let's Encrypt service. I recommend you “Certify the web”. At the moment, “Certify the web” is still in beta. It is however the only tool with GUI so far and offers many premium features such as automated extension of certificates and Multidomain certificates.
Download the free tool here . Then, install the tool on the server where you installed IIS.
Request a certificate with Certify the web
Start the application you just installed by clicking on the desktop icon. You are greeted with the request to register a new contact – accept this request. You can use the e-mail address that you set up to get Reminder from Let's Encrypt about the state of your certificate.
In the next window you enter your e-mail address and confirm the general terms and conditions. The one-time registration process is then completed.
Change now to the IIS and create a binding for your domain.
To do this, click on the corresponding site on the left side of the menu and then on the right side on “Bindings …”
Click on “Add …” and then enter your domain at “Host name:”.
Then click OK.
Go back to Certify and click New Certificate in the top menu. Select your site from the Select IIS Site: drop-down menu. Then the result should look like this:
Then click on Save and on Request Certificate. If everything worked out you get success as feedback.
Then click on “Configure Auto Renew” in the upper menu to activate the automatic renewal of the certificate. Attention: This could become a premium function for paying customers in the future.
Enter a username and password for a user with administrator rights. This is used to execute the commands necessary to update the certificate. If everything has worked, you get the following message:
The certificate is now installed and already available. Change to your browser and go to https://your-domain.tld/ .
Finally, your web site visitors can now communicate through an encrypted connection to your server. However, your site is still accessible under the HTTP version of your domain. To automate the forwarding of HTTP to HTTPS, please refer this .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.