How to Install the SSL Certificate in IIS on Windows VPS?

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...
Install the SSL in IIS on Windows VPS

For protection of data and building trust with the user, it is crucial to implement the SSL certificates on your website. This detailed manual will show step by step how to download the SSL certificate, OpenSSL and enable https on the website on the Windows Server.

Step 1: Download Your SSL Certificate

Obtain Your SSL Certificate

  • When you buy an SSL certificate, you are presented with a . compressed folder with several files in it.
  • These usually consist of the primary certificate, for example as . crt, the certificate key as . key, as well as further certificates, for example intermediate or root certificates that are often found combined in a cabundle. crt.

Extract the Files

  • First, develop a new directory at the server where the aforementioned files will be stored. For example, create a directory at c:\cert.
  • Unzip the contents of this directory.

Step 2: Download and Set Up OpenSSL

Download OpenSSL

  • They should go to OpenSSL’s official web-site and download the last version of the tool. Make sure to download the correct version of the software whether for 32-bit or 64-bit PC.

Extract OpenSSL

  • Extract the downloaded OpenSSL file into a directory of your preferred choice. For instance, you might extract it to c:\program files\openssl\.

Configure OpenSSL

  • Locate the openssl.cnf file to be located in the bin directory of the OpenSSL installation.
  • Move the openssl.cnf file to the root directory of OpenSSL. For example, move it from c:\program files\openssl\bin to c:\program files\openssl\.

Step 3: Prepare OpenSSL for Use

Navigate to the OpenSSL Bin Folder

  • Inside the c:\program files\openssl\, users will find the bin folder.

Copy OpenSSL Executable

  • Copy the openssl.exe file from the bin folder to the directory where your SSL certificate files are stored (c:\cert).

Step 4: Create a PFX File

Open Command Prompt

  • Open the Command Prompt, in the folder that contains the exe files, with administrative privileges. You can do this right click on the Command Prompt icon and select the option that says Run as administrator.

Navigate to the Certificate Folder

  •  Type cd to change your current directory to that where your certificates are located.

Execute OpenSSL Command

  • Enter the following command to create a PFX file
openssl pkcs12 -export -out certificate.pfx -inkey certificate.key -in certificate.crt -certfile cabundle.crt -password pass:yourchosenpassword

If your browser has saved your chosen password, replace it with a secure password of your own preferences. This password is to be written down as it will be needed at a later stage in the process.

Verify PFX File

  • Check the c:\cert directory because of a new certificate. pfx file has been created.
Verify PFX File

Step 5: Open IIS Manager

Launch IIS Manager

  • Press Start, then type mmc in the run bar and press Enter.
  • Open the blank MMC console Go up to the Menu, and select Add/Remove snap-in.
  • Go to the Control Panel and click Programs and Features, then click on Internet Information Services (IIS) Manager, next click add, afterward click ok.
Add Certificate

Open Server Certificates

  • After IIS Management has started, on the Connections pane click on the name of your server.
  • Now in the center pane double-click Server Certificates to expand the feature.

Step 6: Import the PFX File

Navigate to Server Certificates

  • In the Connections pane in IIS Manager it is important to expand the node for the server you want to configure for SSL, and then double-click on Server Certificates.

Import the PFX File

  • You will find the Import option in the Actions pane located on the right side of the Windows PowerShell.
  • Browse to the certificate. The .pfx file you created previously should be attached to the message.
  • Type in the password that you have set when creating the PFX file.
  • It informs you that the system is successfully updated with the above certificate, and you just click the OK button to import the certificate into IIS.

Also Read: Steps to Import and Export SSL (PFX) file in IIS

Step 7: Create a New Binding for HTTPS

Navigate to Site Bindings

  • These are what to do: Open IIS Manager then in the Connections pane, expand the Sites node then choose your site.
  • Click Bindings. In the Actions pane with regards to the sites in order to access the Site Bindings window.

Add HTTPS Binding

  • After launching the Site Bindings window, click on add.
  • There are two boxes next to the URL, one is for the Type, select it by clicking on the right box and clicking on https.
  • Select the required IP address, or else leave it as All Unassigned.
  • Now, set the port to 443 which is the good old ssl port number.
  • Under the Host name field input your site’s URL of your site.
  • In the drop down list for the SSL certificate, we have to make a selection of the SSL certificate that was imported earlier.
  • Then click OK to the last step, in order to complete the binding operation.

Step 8: Verify and Configure HTTPS

Verify HTTPS Configuration

  • Open your web browser and navigate to your website using https:// and replace “your domain name” with your own unique suffix (for example, https://yourdomain. com).
  • Ensure that the SSL certificate is properly installed, and no warning is displayed regarding the security issues.

Optional – Redirect HTTP to HTTPS

  • As a result, it is possible to make all traffic to be protected using HTTPS by configuring the HTTP to HTTPS permanent redirect.
  • Make or modify the web.config, and here add the following rewrite rule
<configuration>
            <system.webServer>
            <rewrite>
            <rules>
            <rule name="HTTP to HTTPS Redirect" stopProcessing="true">
                        <match url="(.*)" />
                        <conditions>
                                    <add input="{HTTPS}" pattern="off" ignoreCase="true" />
                        </conditions>
                        <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
            </rule>
            </rules>
            </rewrite>
            </system.webServer>
</configuration>
  • Save the web.config the changes in the app folder and then IIS needs to be restarted.

Step 9: Final Verification

Visit your website using both http:// and https:// URLs to ensure that the HTTP traffic is redirected to HTTPS, and the SSL certificate is working as expected.

Conclusion

SSL certificates provide the best security feature you can expect for your site. Make sure to get it today; spend on security and gain the trust of the customers.

Secure your Site Now

Enable HTTPs on your Website by Purchasing SSL, Generate CSR and Install on your Web Server.

Starts at Just $3.99/Yr
Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.