Following are the steps for generating the CSR key and installing SSL Certificate in Windows Server 2012 IIS 8.
Steps to Generate a CSR Key for an SSL Certificate:
- Open IIS manager.
- Click on Computer name and select Server Certificates option.
- Click on Create Certificate Request... option from the Action Pane.
- You will see a Request Certificate wizard, fill all the details and click on Next button.
- Common Name: Your domain name, (e.g., www.domain.com)
- Organization: Name of your company
- Organizational unit: Name of your department
- City/locality: The city in which your organization is located
- State/province: The state in which your organization is located
- Country/region: Two digit country code (i.e. US for United States)
- Select Cryptographic service provider from the list, select the bit length of the encryption key and click Next button.
- Specify filename with full path where you need your csr key. You can also click on… button to move to the particular path and provide the file name. Click Finish button to generate CSR Key file.
- Your CSR key for SSL Certificate is generated. Now open your csr key file and copy it including the “-----BEGIN NEW CERTIFICATE REQUEST-----” and “-----END NEW CERTIFICATE REQUEST-----” lines. Paste this code in online order process and complete the ordering process.
When you get the SSL Certificate, perform following steps to install it:
- Open IIS Manager.
- Click on Server Certificates.
- Select Complete Certificate Request option from right side pane.
- You will see Complete Certificate Request wizard. Specify full path of your certificate or select it by clicking on… button. Provide a unique friendly name to identify your SSL Certificate and select certificate store, normally it should be Personal.
- Click on Ok button. Your SSL certificate is installed successfully.
- Now you will need to assign this certificate to your website.
- From the IIS Manager, select the website in which you want to assign SSL Certificate.
- From the right side action pane, click on Bindings.
- A Site Bindings dialog box will be displayed. Default binding for the website will be on port 80. Select http type and click on Edit button, if you want to use only https:// protocol for your website.
- However, if you wish to run your website on both the protocol (i.e. http:// and https://), click on Add button to add bindings.
- Add Site Binding dialog box will be appear, Choose https as a type of binding, select unique IP address for your website. https:// protocol uses 443 port, keep this port as it is. The Hostname is an optional field, type hostname in Host Header box if you wish. From the dropdownlist, select the name of the certificate which we have created earlier.
- Click on OK button. To check the SSL is installed and configured properly, click on Browse button.
If your website will load without any error, your SSL Certificate is configured properly.