• Home
  • |
  • Blog
  • |
  • Step-By-Step Procedure To Install An SSL Certificate On The IIS Server
How to Install an SSL Certificate on the IIS Server

We have created this post to help those who wants to know how to install an SSL certificate on the IIS server. You should begin following this procedure only after you acquire an SSL/TLS certificate for your application. If you don’t have a certificate issued for your application hosted on the IIS server yet, please get a certificate for your application from your Certificate Authority.

To get a certificate for your application:

  1. Contact your Certificate Authority
  2. Create a Certificate Signing Request (CSR) and submit to Certificate Authority
  3. Download the Certificate from the Certificate Authority

If you think you need assistance in creating a CSR in the IIS serer, we have punished a post “How to Create a CSR in the IIS Server” that helps you with this.

Time needed: 30 minutes.

How to Install an SSL Certificate on the IIS Server?

Installing an SSL certificate on IIS 10 is a fairly simple process that can be completed in just a few minutes. However, before you begin, there are a few things you need to make sure you have:

1. A valid SSL certificate. You can purchase one from a reputable Certificate Authority such as Symantec, GeoTrust, or Comodo.
2. The IIS 10 server was installed and configured.
3. Administrator access to the server.

Once you have all of the prerequisites out of the way, follow these steps to install an SSL certificate on the IIS server:

  1. Launch Information Service (IIS) Manager

    Let’s begin the CSR generation process by launching Internet Information Service (IIS) Manager.
    In Server Manager, go to Tools –> Information Service (IIS) Manager.Launch Information Service (IIS) Manager

  2. Verify Certificates installed on the IIS Website

    Select  Server Name and Double-Click on Server CertificatesVerify Certificates installed on the IIS Website

  3. List of certificates installed in IIS Server.

    As you can see in the picture, no certificates were installed on the IIS server yet.List of certificates installed in IIS Server

  4. Generate Certificate from CSR file

    Let’s generate Certificate using the CSR file generated in this post. To generate certificate, login to the Local Certification Authority ADCS portal.login to the Local Certification Authority ADCS portal

  5. Request for a Certificate

    After you login to the Local Certification Authority ADCS portal, you will be greeted with three options. Let’s click on ‘Request a certificate‘ option to submit your CSR.Request for a certificate in ADCS portal

  6. Select the Certificate Type in ADCS portal

    Since we are requesting certificate for IIS server, click on ‘advanced certificate request‘.Select the Certificate Type in ADCS portal

  7. Submit the CSR on ADCS portal

    Since we have the CSR file with us, click on ‘Submit a certificate request by using a base-64-encoded CMC or PKCS # 10 file or submit a renewal request by using a base-64-encoded PKCS #7 file‘.Submit the CSR on ADCS portal

  8. Submit the content of CSR file and Select the Certificate Template

    Copy the contents of the CSR file which was generated from IIS server and paste under ‘Base-64-encoded certificate request (CMC or PKCS # 10 or PKCS #7):’ Select ‘Web Server’ template under ‘Certificate Template‘ and click on ‘Submit‘. This completes the certificate submission process here.Submit the content of CSR file and Select the Certificate Type

  9. Download the Certificate from ADCS Portal


    Let’s wait until the certificate will get issued by your Certificate Authority. After the certificate is issued.
    Download the certificate by clicking on ‘Download Certificate‘ and save the certificate on local drive by clicking on ‘Save’.Download the Certificate from ADCS Portal

  10. Save the certificate on local drive

    Saved the certificate on local drive

  11. image

  12. Import the Certificate into the IIS Server

    To install the certificate open Internet Information Certificate (IIS) Manager. Select Server Name –> Double-Click on ‘Server Certificates‘ –> click on Complete Certificate Request to import the certificate.Import the Certificate into the IIS Server

  13. Specify Certificate file and Certificate Store

    FileName containing the certification authority’s response: Select Certificate file.
    Friendly Name:  To identify the certificate in IIS Manager.
    Select a certificate store for the new certificate:  Personal
    Click OK to complete the certificate Import wizard.Specify Certificate file and Certificate Store

  14. The Certificate is installed on the IIS certificate store

    Now we can see the Installed certificate in IIS certificate Store.List of Certificates is installed on the IIS certificate store

  15. Bind Certificate to the Website in the IIS server


    Open Internet Information Services (IIS) Manager
    Select  Server Name –> Sites –> Select the Website for which certificate to be Bind (Default Web Site)
    Click on ‘Bindings…‘ under ‘Edit SiteBind Certificate to the Website in the IIS server

  16. Site Bindings – Add the certificate to the Bindings

    In Site Binding Wizard, click on AddSite Bindings - Add the certificate to the Bindings

  17. Fill the Site Binding details

    Update Site Binding details as below,
    Type: https
    Hostname: Web Site Name
    SSL certificate: Select the appropriate certificate from the dropdown list. List contains all installed certificate in the certificate store
    click OK to completeFill the Site Binding details

  18. Complete the Site Binding process in the IIS server


    Now ‘https’ is enabled for the  web site (Default Web Site). click OK to complete the wizardComplete the Site Binding process in IIS

  19. Access Web application with ‘HTTPS’ protocol


    Now website is opening with HTTPS and the connection is encrypted by the certificate issued by Local ADCS server.Access Web application with 'HTTPS' protocol

  20. View the Certificate to ensure you installed the correct certificate

    image(1)

This is how you can Install an SSL Certificate on the IIS Server.

We hope this post will show you step by step procedure to Install an SSL Certificate on the IIS Server. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this.

About the author

Arun KL

Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.