Most Popular
- The Most Common OpenSSL Commands
- Stop the "page contains secure and nonsecure items" warning
- How To Configure SSL Host Headers in IIS 6
- Firefox 3 developer explains "broken" SSL error pages
- Installing an SSL Certificate in Windows Server 2008 (IIS 7.0)
Login:
Installing an SSL Certificate in Windows Server 2008 (IIS 7.0)
Scott Lowe introduces the topic of requesting and installing a certificate in Microsoft's new server platform, Windows Server 2008 which uses Internet Information Services (IIS) 7.0. Though it is similar to how previous versions of IIS do it, there are some important differences.
He briefly introduces SSL and some different types of certificates:
In the most simplistic view, there are four kinds of certificates to which you will be exposed during your SSL installation:
- Self-signed SSL certificates: These are certificates that you generate and use to encrypt information passing between a client and your server. These certificates are good insofar as they do allow you to encrypt data, but since they are created on-site, the certificates have not been verified by a third party entity, meaning that the site can’t necessarily be trusted.
- Third-party SSL certificate: A third-party SSL certificate provides the same encryption capabilities as a self-signed certificate. However, since the certificate is issued by a third party, it is considered a more trusted type of certificate, especially when the certificate chain extends to a trusted root certificate.
- Intermediate certificate: Not all SSL certificate vendors are created equal. In order to be fully trusted, any certificate you obtain needs to eventually link to a root certificate that is trusted by your Web browser. However, not all vendors’ SSL certificates are natively trusted by root certificates. As such, with these vendors, you need to complete the SSL trust chain by (in addition to installing your SSL certificate) installing an intermediate certificate between a root certificate and your new SSL certificate. If you skip this step, users will continue to get certificate errors until this trust chain is established. The use of an intermediate SSL certificate requires a bit of additional network communication at the initial establishment of an SSL-secure session but beyond that, there is no performance penalty.
- Trusted root certificate (or Trusted root certification authorities): A root certificate is the Grand PooBah of the certificate world. In order to complete the trust chain, your individual certificate must, in some way, link to a root certificate.
A third-party SSL certificate is generally considered more trusted than a self-signed certificate since the certificate information is verified by a third party and the certificate ultimately maps to what is called a trusted root certificate.
Scott then shows us how to prepare a Certificate Signing Request (CSR).
After submitting the CSR to a certificate authority, the certificate then needs to be installed using the IIS Complete Certificate Request option. Then the https web site needs to be bound to the certificate.
How do I… Request and install SSL certificates in IIS 7.0? - [TechRepublic]
Update: As Dean posted below, there are some good screencasts for installing an SSL Certificate in IIS 7 at NetoMeter.
Digg
Slashdot
del.icio.us
Reddit
furl
Posts: 1
Reply #1 on : Mon May 26, 2008, 11:59:38
Write a comment