Thanks to an encryption technique called SSL (Secure Sockets Layer), a web server and a user’s browser can communicate securely. SSL guarantees that private data, including payment information, login passwords, and personal information, is securely transmitted and encrypted, avoiding message forgery, data manipulation, and spying.
A padlock icon in the browser address bar indicates a secure connection, and websites with an SSL certificate utilise the HTTPS protocol rather than HTTP. Installing an SSL certificate increases user trust and improves security.
The procedures for installing an SSL certificate and creating a Certificate Signing Request (CSR) key in Windows Server 2012 IIS 8 are listed below:
- In the Windows start menu, type Internet Information Services (IIS) Manager and open it.
- In Internet Information Services (IIS) Manager, in the Connections menu tree (left pane), locate and click the server name.
- On the server name Home page (center pane), in the IIS section, double-click Server Certificates.
- On the Server Certificates page (center pane), in the Actions menu (right pane), click the Create Certificate Request… link
- In the Request Certificate wizard, on the Distinguished Name Properties page, provide the information specified below and then click Next
| Common name: | Type the fully-qualified domain name (FQDN) (e.g., www.example.com). |
| Organization: | Type your company’s legally registered name (e.g., YourCompany, Inc.). |
| Organizational unit: | The name of your department within the organization. Frequently this entry will be listed as “IT”, “Web Security,” |
| or is simply left blank. | |
| City/locality: | Type the city where your company is legally located. |
| State/Province: | Type the state/province where your company is legally located. |
| Country: | In the drop-down list, select the country where your company is legally located. |
- On the Cryptographic Service Provider Properties page, provide the information below and then click Next.
| Cryptographic | In the drop-down list, select Microsoft RSA SChannel Cryptographic Provider, |
| service provider: | unless you have a specific cryptographic provider. |
| Bit length: | In the drop-down list select 2048, unless you have a specific reason for opting for a larger bit length. |
- On the File Name page, under Specify a file name for the certificate request, click the … box to browse to a location where you want to save your CSR.
Note: Remember the filename that you choose and the location to which you save your csr.txt file. If you just enter a filename without browsing to a location, your CSR will end up in C:\Windows\System32.
- When you are done, click Finish.
- After you receive your SSL certificate from Globalsign, you can install it.
How to Install and Configure Your SSL Certificate on Windows Server
- On the server where you created the CSR, save the SSL certificate .cer file (e.g., cer) that globalsign sent to you
- In the Windows start menu, type Internet Information Services (IIS) Manager and open it.
- In Internet Information Services (IIS) Manager, locate and click the server name in the Connections menu tree (left pane).
- On the server name Home page (center pane), in the IIS section, double-click Server Certificates.
- On the Server Certificates page (center pane), in the Actions menu (right pane), click the Complete Certificate Request… link.
- On the Complete Certificate Request wizard, on the Specify Certificate Authority Response page, do the following and then click OK:
| File name containing the | Click the … box and browse to and select the .cer file |
| certificate authority’s response: | (e.g., your_domain_com.cer) that globalsign sent to you. |
| Friendly name: | Type a friendly name for the certificate. |
| Select a certificate store | In the drop-down list, select Web Hosting. |
| for the new certificate: |
- Now that you have successfully installed your SSL certificate, you need to assign the certificate to the appropriate site.
Assign an SSL Certificate to the domain from IIS
- In Internet Information Services (IIS) Manager, in the Connections menu tree (left pane), expand the name of the server on which the certificate was installed. Then expand Sites and click the site you want to use the SSL certificate to secure.
- On the website Home page, in the Actions menu (right pane), under Edit Site, click the Bindings…
- In the Site Bindings window, click Add.
- In the Add Site Bindings window, do the following and then click OK:
Type: In the drop-down list, select https.
IP address: In the drop-down list, select the IP address of the site or select All Unassigned.
Port: Type port 443. The port over which traffic is secure by SSL is port 443. SSL certificate: In the drop-down list, select your new SSL certificate (e.g., yourdomain.com).
- Your SSL certificate is installed, and your website is now secure and ready for safe connections.
Would you like to enhance your website security further? Check out SSL Secure Seals for additional protection.
We hope you found our article helpful!
For SSL installation on Plesk, check out our guide on How to install an SSL certificate for a domain in Plesk