Create A SSL Certificate

1 minute read

Description:

Follow these steps to create a SSL Certificate in Windows Server 2012 with Digicert (a common CA(Certificate Authority)). Note you will need IIS v8 or 8.5 installed by installing the IIS Role under Server Roles.

To Resolve:

  1. Open IIS Manager => Select your server name on the top left => Server Certificates

  2. After selecting it, click on “Create Certificate Request..”.

  3. Fill it out the “Distinguished Name Properties” window accordingly:

    • Common Name = The name through which the certificate will be accessed (usually the fully-qualified domain name, e.g., www.domain.com or mail.domain.com).

    • Organization = The legally registered name of your organization/company.

    • Organizational unit = The name of your department within the organization (frequently this entry will be listed as “IT,” “Web Security,” or is simply left blank).

    • City, State, Country = Self Explanatory.

    create-a-ssl-cert

  4. Click “Next” and then move on to the “Cryptographic Service Provider Properties” window. Select “Microsoft RSA Schannel..” and “2048” for bit length => Next => Save the file somewhere you will remember. You will need to open this file and copy and paste the entire file into the Online Order Request in the following steps.

  5. Fill out the request on Digicerts website and they will email you the .cert file. Save it where you know how to get to it.

  6. Open IIS Manager => Select your server name on the top left => Server Certificates.

  7. Click on Server Certificates => Complete CSR Request => Upload the cert file (friendly name = used by server admin to distinguish) => Choose “Personal” cert store for a single cert.

  8. The certificate is now installed. Note that for Multiple Certificates using SNI, you would do the same steps but choose “Web Hosting” store instead. Also, for your second site, when you “Add Site Binding” you MUST check the box that says “Require Server Name Indication”.

  9. (Optional) If you requested the cert for a website, you would then open IIS Manager => Sites => (SiteName) => Bindings => Add => Add Site Bindings => Protocol: HTTPS/ Port: 443/ Cert: CertName from earlier.

Comments