Installing SSL certificates on Windows 2008 R2 and 2012 servers
This article shows how to install SSL certificates on Windows 2008 R2 and 2012 servers.
Note: Because SSL certificates changed little during the update from 2008 R2 to 2012, the instructions in this article apply to both versions.
Generate a certificate signing request (CSR)
- Open the Internet Information Services (IIS) Manager.
- Select the server name and then double-click Server Certificates.
- Under Actions, click Create Certificate Request.
- On the Distinguished Name Properties page of the Request Certificate wizard, complete all of the fields for your certificate and then click Next.
- On the next page of the wizard, select a cryptographic service provider (the default is usually acceptable) and the bit length of the encryption key (the recommended minimum is 2048 bits). Then click Next.
- On the File Name page, enter the location where you want to save the certificate request file, and then click Finish.
Install the certificate
- After you get the certificate from your preferred SSL vendor, in the IIS Manager, select the server and double-click Server Certificates.
- Under Actions, click Complete Certificate Request.
- In the wizard, select the location of the certificate file, which is the same location you chose when generating the CSR in the preceding section.
- (Windows Server 2012 only) Name the file and choose your store.
- Click OK.
Set up the bindings
- In the IIS Manager, right-click your site and select Edit Bindings.
- In the Site Bindings window, click Add.
- In the Add Site Binding dialog box, perform the following steps:
- Set the value of Type to https.
- (Windows Server 2012 only) Specify the host name, if necessary.
- From the SSL certificate list, select your certificate.
- Click OK.
After the binding is set up, the Site Bindings window shows the binding for HTTPS.
Import an SSL certificate
- In the IIS Manager, double-click Server Certificates.
- Under Actions, click Import.
- Select the location of your certificate file, enter the password (if you set one), and choose your certificate store (Windows Server 2012 only). Then, click OK.
Updated 5 months ago