{"id":7462,"date":"2013-03-01T14:43:53","date_gmt":"2013-03-01T19:43:53","guid":{"rendered":"http:\/\/jianmingli.com\/wp\/?p=7462"},"modified":"2015-12-28T23:01:18","modified_gmt":"2015-12-29T04:01:18","slug":"iis-7-ssl-certificate","status":"publish","type":"post","link":"https:\/\/jianmingli.com\/wp\/?p=7462","title":{"rendered":"IIS 7 SSL Certificate"},"content":{"rendered":"<div class='toc wptoc'>\n<h2>Contents<\/h2>\n<ol class='toc-odd level-1'>\n\t<li>\n\t\t<a href=\"#Create_Certificate_Request\">Create Certificate Request<\/a>\n\t<\/li>\n\t<li>\n\t\t<a href=\"#Sign_Certificate_Request\">Sign Certificate Request<\/a>\n\t<\/li>\n\t<li>\n\t\t<a href=\"#Import_Signed_Certificate\">Import Signed Certificate<\/a>\n\t<\/li>\n\t<li>\n\t\t<a href=\"#Assign_Certificate_to_Web_Site\">Assign Certificate to Web Site<\/a>\n\t<\/li>\n\t<li>\n\t\t<a href=\"#Renew_Certificate\">Renew Certificate<\/a>\n\t<\/li>\n\t<li>\n\t\t<a href=\"#References\">References<\/a>\n\t<\/li>\n<\/ol>\n<\/ol>\n<\/div>\n<div class='wptoc-end'>&nbsp;<\/div>\n<span id=\"Create_Certificate_Request\"><h2>Create Certificate Request<\/h2><\/span>\n<p>* Open IIS Manager<br \/>\n* Select server name, e.g. <em>ADFSSVR1<\/em><br \/>\n* Double click <em>Server Certificates<\/em><\/p>\n<span id=\"\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Start.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Start-300x184.jpg\" alt=\"\" title=\"IISCert_Start\" width=\"300\" height=\"184\" class=\"aligncenter size-medium wp-image-7474\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Start-300x184.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Start.jpg 742w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Select <em>Create Certificate Request&#8230;<\/em><\/p>\n<span id=\"_1\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req-300x103.jpg\" alt=\"\" title=\"IISCert_Req\" width=\"300\" height=\"103\" class=\"aligncenter size-medium wp-image-7475\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req-300x103.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req.jpg 794w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Enter Common Name etc<\/p>\n<span id=\"_2\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CN.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CN-300x227.jpg\" alt=\"\" title=\"IISCert_Req_CN\" width=\"300\" height=\"227\" class=\"aligncenter size-medium wp-image-7476\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CN-300x227.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CN.jpg 581w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Select Cryptographic Service Provider properties<\/p>\n<span id=\"_3\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CryptoProvider.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CryptoProvider-300x147.jpg\" alt=\"\" title=\"IISCert_Req_CryptoProvider\" width=\"300\" height=\"147\" class=\"aligncenter size-medium wp-image-7477\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CryptoProvider-300x147.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_CryptoProvider.jpg 509w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Specify a file name to save request file, i.e. CSR file name<\/p>\n<span id=\"_4\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_file.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_file-300x126.jpg\" alt=\"\" title=\"IISCert_Req_file\" width=\"300\" height=\"126\" class=\"aligncenter size-medium wp-image-7478\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_file-300x126.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Req_file.jpg 474w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Click <em>Finish<\/em><\/p>\n<span id=\"Sign_Certificate_Request\"><h2>Sign Certificate Request<\/h2><\/span>\n<p>This example uses <em>AD Certificate Services<\/em> to sign CSR<br \/>\n* Point browser to ADCS, e.g. <em>https:\/\/exchangesvr1\/certsrv\/Default.asp<\/em><\/p>\n<span id=\"_5\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req-300x248.jpg\" alt=\"\" title=\"IISCert_Sign_req\" width=\"300\" height=\"248\" class=\"aligncenter size-medium wp-image-7479\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req-300x248.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req.jpg 522w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Click <em>Request a certificate<\/em><br \/>\n* Click <em>advanced certificate request<\/em><\/p>\n<span id=\"_6\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_adv.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_adv-300x191.jpg\" alt=\"\" title=\"IISCert_Sign_req_adv\" width=\"300\" height=\"191\" class=\"aligncenter size-medium wp-image-7480\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_adv-300x191.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_adv.jpg 311w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Select <em>Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file <\/em><\/p>\n<span id=\"_7\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_1.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_1-300x153.jpg\" alt=\"\" title=\"IISCert_Sign_req_submit_1\" width=\"300\" height=\"153\" class=\"aligncenter size-medium wp-image-7481\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_1-300x153.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_1.jpg 527w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Cut and paste CSR file content,<br \/>\n&#8211; Certificate Template: <em>Web Server<\/em><\/p>\n<span id=\"_8\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_2.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_2-300x289.jpg\" alt=\"\" title=\"IISCert_Sign_req_submit_2\" width=\"300\" height=\"289\" class=\"aligncenter size-medium wp-image-7482\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_2-300x289.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submit_2.jpg 547w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Click Submit<\/p>\n<span id=\"_9\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submitted.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submitted-300x128.jpg\" alt=\"\" title=\"IISCert_Sign_req_submitted\" width=\"300\" height=\"128\" class=\"aligncenter size-medium wp-image-7483\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submitted-300x128.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Sign_req_submitted.jpg 551w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Click <em>Download certificate<\/em> and save signed certificate file, e.g. <em>adfssvr1.exchange.local.cer<\/em><br \/>\n* Optionally, download the certificate chain file which contains CA root certificate in addition to the signed certificate.<\/p>\n<span id=\"Import_Signed_Certificate\"><h2>Import Signed Certificate<\/h2><\/span>\n<p>* Back to <em>IIS Manager > Server Certificates<\/em><br \/>\n* Click <em>Complete Certificate Request&#8230;<\/em><\/p>\n<span id=\"_10\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req-300x97.jpg\" alt=\"\" title=\"IISCert_Complete_Req\" width=\"300\" height=\"97\" class=\"aligncenter size-medium wp-image-7484\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req-300x97.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req.jpg 813w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Browse to signed certificate file and enter a friendly name, e.g. <strong>adfssvr1.exchange.local<\/strong><\/p>\n<span id=\"_11\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req_2.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req_2-300x147.jpg\" alt=\"\" title=\"IISCert_Complete_Req_2\" width=\"300\" height=\"147\" class=\"aligncenter size-medium wp-image-7485\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req_2-300x147.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Complete_Req_2.jpg 502w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Completed:<\/p>\n<span id=\"_12\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Completed.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Completed-300x85.jpg\" alt=\"\" title=\"IISCert_Completed\" width=\"300\" height=\"85\" class=\"aligncenter size-medium wp-image-7486\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Completed-300x85.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_Completed.jpg 673w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<span id=\"Assign_Certificate_to_Web_Site\"><h2>Assign Certificate to Web Site<\/h2><\/span>\n<p>* Back to <em>IIS Manager<\/em><br \/>\n* Right <em>Default Web Site<\/em> and select <em>Edit Binding&#8230;<\/em><\/p>\n<span id=\"_13\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding-300x292.jpg\" alt=\"\" title=\"IISCert_editBinding\" width=\"300\" height=\"292\" class=\"aligncenter size-medium wp-image-7489\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding-300x292.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding.jpg 310w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<p>* Select <em>https<\/em> Type and click <em>Edit&#8230;<\/em><br \/>\n* Select <em>SSL certificate<\/em><\/p>\n<span id=\"_14\"><h6><a href=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding_selectCert.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding_selectCert-300x180.jpg\" alt=\"\" title=\"IISCert_editBinding_selectCert\" width=\"300\" height=\"180\" class=\"aligncenter size-medium wp-image-7490\" srcset=\"https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding_selectCert-300x180.jpg 300w, https:\/\/jianmingli.com\/wp\/wp-content\/uploads\/2013\/03\/IISCert_editBinding_selectCert.jpg 511w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/h6><\/span>\n<span id=\"Renew_Certificate\"><h2>Renew Certificate<\/h2><\/span>\n<p>* <strong>Alway <\/strong>create a <strong>new <\/strong>certificate request<br \/>\n* Do <strong>not <\/strong>use <em>Renew<\/em> certificate function of IIS since there is a security bug with the renew function.<\/p>\n<span id=\"References\"><h2>References<\/h2><\/span>\n<p>* <a href=\"http:\/\/www.sslshopper.com\/article-installing-an-ssl-certificate-in-windows-server-2008-iis-7.0.html\">Installing an SSL Certificate in Windows Server 2008 (IIS 7.0)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Create Certificate Request * Open IIS Manager * Select server name, e.g. ADFSSVR1 * Double click Server Certificates * Select Create Certificate Request&#8230; * Enter Common Name etc * Select Cryptographic Service Provider properties * Specify a file name to &hellip; <a href=\"https:\/\/jianmingli.com\/wp\/?p=7462\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6,55],"tags":[145,359],"class_list":["post-7462","post","type-post","status-publish","format-standard","hentry","category-iis","category-ssl","tag-cert","tag-iis-2"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p8cRUO-1Wm","_links":{"self":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/7462","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7462"}],"version-history":[{"count":6,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/7462\/revisions"}],"predecessor-version":[{"id":11201,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/7462\/revisions\/11201"}],"wp:attachment":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7462"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7462"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7462"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}