|
SSL Certificate Installation in Microsoft IIS 5 & 6
How to install
your SSL Certificate to your Windows 2000/2003 Server
Save just the Bundle Certificate (CertificateBundle.p7b) from your DigiCert Customer
Account to the desktop of the web server you are securing.
1) Install your Certificate:
Go to your Administrative Tools, and Open the Internet Services Manager.
Right-Click on the Default Website and select Properties. Go to the
Directory Security panel. Click on "Server Certificate..." button. This will start the certificate wizard. Hit "Next".
Choose to Process the pending request and install the certificate and click Next.
"Browse" for your SSL Certificate. Make sure to view all file types (Windows only looks for .cer files by default.)
Locate your Bundle Certificate (CertificateBundle.p7b) Click Next. Follow
the rest of the wizard steps until finished.
2) Restart your Server.
*** Note: The installation of your DigiCert Certificate is complete once you have finished Step 1 (above). In most situations IIS will
instantly begin using the new certificate and a restart is not necessary. However, if you notice that the server continues to use an old
certificate or the server will not load https at all then shutdown and restart the server.
3) Backup the certificate and private key (Recommended)
It is always good to keep a backup of your certificate and private key incase your server crashes.
You must backup your certificate from your server in order to include a backup of your private key.
The private key is not included in your certificate files, and the certificate is not functional
without the private key.
To backup your SSL Certificate and private key do the following:
From the Start menu, select 'Run...'. Type 'mmc' and hit Enter.
Under the File menu, choose Add/Remove Snap in.
Go to Add, then from the Add Standalone Snap-in panel choose Certificates,
and click Add.
Choose Computer Account and click Finish.
Close the snap-in panel, clicking OK.
This should return you to the MMC.
Expand the Personal Folder and
view the contents of the Certificates. You will see your primary certificate listed (this is the Primary Certificate
which was installed to the pending request). Right-click your Primary Certificate and choose All Tasks, then
choose Export. This opens the Certificate Export Wizard - Click Next.
Select the option to 'Yes, export the private key' and hit next. Choose to backup the certificate to a
PKCS 12 (.PFX) file. Select the option to include all Certificates in the
Certification Path if possible. Select to enable protection.
Do Not select the option to Delete the Private-Key if the export is successful.
You will be prompted to choose a password. Be sure to remember it, as it will be
required if you ever need to import the .pfx file.
This will save a .pfx file - Save it to a secure location off of the server.
4) Import the Intermediate
Certificate (Not required for most installations)
Because the DigiCert Intermediate Certificate is installed automatically when you install the Certificate Bundle file (your_domain_name.cer)
to your server in Step 1, this step should not be necessary for most installations. When the certificate is correctly installed to your server
browsers will not display any certificate warnings whatsoever. However, if your clients are getting a warning stating that the certificate was
issued by a company that you have not
chosen to trust, then the following procedure will fix that problem.
Download the DigiCertCA.crt Certificate file from inside your DigiCert account and save it to your desktop.
Double-click the certificate. This will open the certificate to view.
At the bottom of the General tab, click the "Install Certificate..." button.
This will start the certificate import wizard. Click "Next".
Choose to "Place all certificates in the following store", and click "Browse".
First, click the "Show physical stores" box, then expand the Intermediate Certification Authorities folder, select the underlying Local Computer
folder, and click ok.
Hit "Next", then "Finish"
Your intermediate certificate is now installed. Restart your server.
SSL Certificates :: Microsoft Internet Information Server 5x & 6x
How to install your SSL Digital
Certificate to your Windows 2000 or 2003 Server.
 | 
