Configure https for iis Service in Windows 2008
- Use the CA service of Windows Server 2008 R2 to create a certificate, and click Add Role in Server Manager.
- Select Active Directory Certificate Service.
- To add services, you need to select three services: Certificate Authority, Certificate Authority Web Registration and Online Response Program.
- Because it is not a domain control environment, you can simply select Independent (A).
- For the first CA installed, simply select Root CA(R).
- Simply select Create Private Key (R).
- Simply keep the default here. Of course, if you need a customized setting, you can also choose customized setting.
- It is recommended to keep the default name of CA here.
- Set the valid period of the certificate, which by default is 5 years. This can be set according to the situation of the Web.
- Set the certificate database location and log location at your discretion.
Create IIS service:
- After installing the CA certificate, the installer will automatically boot and start the IIS installation.
- In this case, you need to tick ASPNETt and .NET Expansibility.
- It should be noted that the computer name or domain name cannot be changed after the certificate is installed.
- Finally, make sure that the certificate service and Web Server IIS are successfully installed.
Create a self-signed certificate:
- Select Server Certificate in the IIS Manager.
- Select the previously created certificate and select Create Self-Signed Certificate.
- Set a name that is concise and understandable.
Build https website:
- Add a new website.
- Set the main directory of the website, set the type as https, and simply select the testca that is set in the previous stage for SSL certificate.
- Set an Index.html test page in the root directory of the website.
- Select the site and click the default document.
- Move the Index.html default document to the top.
- Perform access test with HTTPS used for the external network. You can see it and access it, but because the certificate is not issued by a public CA, there will be a security tip. If you purchased a CA certificate, when a paid certificate is used, usually there will be no such security risk tip.
- Select Go on and you will find that the website can be accessed normally.
If your problem still can not solved, please submit open ticket to us.