» IT tipps and howto's

How To: Import SSL Certificates in Windows Server 2003/2008 and configure IIS

Last Update: September 28 2010

Being a fan of Apache I never really understood the actual usage of IIS (Internet Information Server) but sometimes you have to play by the rules and use it for existing applications like Exchange Webmail. As IIS is supposed to be a webserver easy to manage for click-and-play-admins (my synonym for Windows admins) I was surprised how complicated it is, to replace an existing SSL certificate...

Open MMC via Start->Run:
Windows import SSL certificates

In the new opened MMC Console click on File->Add/Remove Snap-in...
Windows import SSL certificates

Another new window opens. Select Certificates on the left and click on Add:
Windows import SSL certificates

Select Computer account:
Windows import SSL certificates

Then select Local computer (selected by default):
Windows import SSL certificates

Now you're back in the MMC window where Certificates have been added. Click on OK.
Windows import SSL certificates

On the left side, open Certificates->Personal->Certificates. On the right-hand side you find the already installed certificates:
Windows import SSL certificates

Right-click on the Certificates-folder, select All Tasks->Import... :
Windows import SSL certificates

The Certificate Import Wizard opens, click on Next. In the following step you need to browse for your certificate:
Windows import SSL certificates

An Explorer windows opens where you can browse where you have saved your certificate. Don't forget to set the correct certificate type, otherwise your certificate won't be shown:
Windows import SSL certificates

Now that you have selected the certificate, click on Next:
Windows import SSL certificates

And the Wizard doesn't stop... yet. If your private key needs a password, type it in, otherwise leave it blank like this:
Windows import SSL certificates

Place the certificate in the 'Personal' certificate store:
Windows import SSL certificates

Now you finally get the last Wizard page where you have to click on Finish:
Windows import SSL certificates

And back in the MMC Console the new certificate will show up in the list:
Windows import SSL certificates

Funny news: That was only the import part! We still need to do the IIS configuration! The configuration on Windows 2003 (IIS 6.0) and Windows 2008 (IIS 7.0) is different, so I'll show both.

 

IIS 7.0 on Windows 2008

Start Internet Information (IIS) Manager and right-click on the selected website, click on 'Edit Bindings...':
Windows import SSL certificates

Click on the binding with port 443 (SSL) and click on Edit. A new window opens where you can select the SSL certificate from the list. If you have certificates with the same name, you can click on 'View' to see the certificate details:
Windows import SSL certificates

There might appear two warnings if you want to replace the existing certificate (in case there was already a certificate before), click twice on 'Yes' in this case.

 

IIS 6.0 on Windows 2003

Start Internet Information (IIS) Manager and right-click on the affected web-site. Click on Properties:
Windows import SSL certificates

In the new opened Properties window, change into the 'Directory Security' tab. At the bottom click on the button 'Server Certificate':
Windows import SSL certificates

This launches a Wizard. On the first page, click on Next. Then select the option 'Replace the current certificate':
Windows import SSL certificates

Now select the certificate you imported before (check the expiration date if you have several certificates with the same name). Click a few times on next until you can click on Finish.

RSS feed

Blog Tags:

  AWS   Android   Ansible   Apache   Apple   Atlassian   BSD   Backup   Bash   Bluecoat   CMS   Chef   Cloud   Coding   Consul   Containers   CouchDB   DB   DNS   Database   Databases   Docker   ELK   Elasticsearch   Filebeat   FreeBSD   Galera   Git   GlusterFS   Grafana   Graphics   HAProxy   HTML   Hacks   Hardware   Icinga   Influx   Internet   Java   KVM   Kibana   Kodi   Kubernetes   LVM   LXC   Linux   Logstash   Mac   Macintosh   Mail   MariaDB   Minio   MongoDB   Monitoring   Multimedia   MySQL   NFS   Nagios   Network   Nginx   OSSEC   OTRS   Office   OpenSearch   PGSQL   PHP   Perl   Personal   PostgreSQL   Postgres   PowerDNS   Proxmox   Proxy   Python   Rancher   Rant   Redis   Roundcube   SSL   Samba   Seafile   Security   Shell   SmartOS   Solaris   Surveillance   Systemd   TLS   Tomcat   Ubuntu   Unix   VMWare   VMware   Varnish   Virtualization   Windows   Wireless   Wordpress   Wyse   ZFS   Zoneminder