Configure an IIS Domain Member Server with Certificate from Enterprise Certificate Authority
In this entry I will discuss setting up a certificate to encrypt traffic via HTTPS for an IIS 7.5 web site. This example assumes that that IIS web server is a member of an Active Directory domain and that an enterprise certificate authority (CA) is configured on a server in this domain. You can find details on how to set up an enterprise CA for you domain here. Time to get started.
Go to Start > Administrative Tools > Internet Information Services (IIS) Manager.
Highlight the server name in the left pane, then scroll down in the center pane and double click Server Certificate.
Now in the right Actions pane click “Create Domain Certificate”.
Enter the name information for the new certificate. Most important is the Common Name, here you’ll want to use the server name that you’ll use to access the web site in the browser’s address bar. This has to be exactly the same or you’ll receive a warning about the certificate. You can specify only the server name if the server is in search domain configured on the client, but best practice is to enter the full qualified domain name like “YourServer.YourDomain.com”. Click Next.
Highlight the certificate authority that will sign your web site certificate and click OK.
Under Friendly Name chose a name for the new certificate. Generally I like to include the Common Name specified previously with the format “CommonName-CertificateAuthorityServerName” so this certificate is easier to identify in IIS later. Click Finish.
Back at IIS Manager, select “Default Web Site” in the left pane and click Bindings in the right Actions pane.
In the Site Bindings dialog highlight https and click Edit. If https is not displayed click Add and select https in the Type dropdown list.
In the SSL Certificate dropdown list, select the certificate with the Friendly Name from the trusted CA we created earlier. Make sure and choose the right one, if you select the existing self signed certificate it won’t work. Click OK, click Close, and close the IIS Manager.
Your IIS web site is now configured to accept HTTPS traffic!