+49 (0) 7245 919 581 info@eunetic.com
Login
  1. Home
  2. EuropeanSSL Knowledge Base
  3. EuropeanSSL Install
  4. How do I install my SSL certificate on IIS7 (Windows Server 2008)?
europeanSSL
Knowledge Base

How do I install my SSL certificate on IIS7 (Windows Server 2008)?

This article will guide you through the ordering process to set up a EuropeanSSL certificate on an IIS7 (Windows Server 2008). The new version brings big changes in the management of SSL certificates. Especially with regard to the creation of certificates, which has become much easier with this version.

In addition to the already known options to order and install SSL certificates, the IIS7 also includes the following:

  • generate more than one certificate at a time
  • easily import, export and renew SSL certificates.
  • self-signed certificates can be created quickly for test purposes.
A
Creation of the Certificate Signing Request (CSR)

The first step starts already before the actual order, with the creation of a Certificate Signing Request (CSR). On the IIS7 this is very simple:

  1. Click on the "Start", navigate to "Administrative Tools" and click on the Internet Information Services (IIS) Manager.
  2. In the "Connections" section on the left, click on the name of the server and then select the "Server Certificates" option by double-clicking on it.
  3. Now click on "Create Certificate Request" in the column "Actions" on the right side.
  4. Now enter all data about your company and the host name for which you need a certificate in the fields provided.

    Common Name: the host name for which you need a certificate.
    Organization: The name of your company. Please enter the exact name including the type of company (GmbH, AG, etc.).
    Organizational Unit: The department that manages and sets up the certificate.
    City / Locality: Please enter the location of the company.
    State / Province: Enter the state here.
    Country / Region: Please enter the country code here.
  5. After entering all information please click on "Next".
  6. Leave the default Cryptographic Service Provider as it is and set the bit length to at least 2048 bit or higher.
  7. Then click on "Next".
  8. In the last step, use the folder selection ( button with 3 points ) to specify the name and folder under which the CSR is to be saved.
  9. Then click on "Finish".

You can now use the CSR you just created to order your EuropeanSSL certificate on our website. After issuing the certificate, you will receive a zip file from us by e-mail containing the actual certificate (.crt file) and the required certificate chain (.ca file). You will then need these two files when installing the certificate on your web server.

B
Installation of the SSL certificate on the IIS 7

Now the installation of your acquired certificate on your web server takes place.

  1. In order to set up your new EuropeanSSL certificate on the IIS7, please copy the files to your web server in the first step.
  2. Go to the "Start", navigate to "Administrative Tools" and click on the Internet Information Services Manager (IIS).
  3. In the "Connections" area on the left, click on the name of the server and then select the "Server Certificates" option by double-clicking it.
  4. Now select the "Complete Certificate Request" item in the "Actions" column on the right.
  5. Via the folder selection ( button with 3 points ) please navigate to the received certificate file (.crt).
  6. For security reasons, select "view all Types" when selecting the display to ensure that the file is displayed.
  7. In the "Friendly Name" field, enter a name that you can easily remember to find the certificate later. 
  8. Then click on "OK".
  9. If all entries are correct, you will see the newly installed certificate in the list of installed certificates of the server.
  10. If you receive the message that the private key was not found, please make sure that you install the certificate on the same server where you created the CSR. If necessary, you can also replace the certificate free of charge via your customer account. First, generate a new CSR on your webserver. Then log in to our website, go to the certificate details and click on the "Modify" button. In the following window, you can then replace the existing CSR with the new CSR and initialize the replacement. Please note that the validation must be carried out again when replacing a certificate.

Please note that it is generally not possible to use our CSR generator in conjunction with the IIS webserver, as it only accepts certificates for which the CSR was generated on the server itself. If the server does not accept the CSR and certificate, you can reissue them as described above.

C
Bind the certificate to a website
  1. Click Start, navigate to Administrative Tools, and select Internet Information Services Manager (IIS).
  2. In the "Connections" area, select the web page that you want to link to the certificate. Then click on "Bindings" in the right column.
  3. Now click on the button "Add".
  4. Change the field "Type" to "https" and select the certificate you want to link to the website in the field "SSL Certificate" (The list shows your certificates with the previously created "Friendly Name").
  5. Click "OK".
  6. In the list of shortcuts you will now see the link for https with port 443.
  7. Click on "Close".
D
Establish an Intermediate Certificate on IIS 7

The installation of the supplied intermediate certificates (.ca file) is important. If this certificate is not installed, the certificate chain is not closed and the browser does not classify your website as trustworthy.

  1. To install, place the intermediate certificate in a folder on your web server.
  2. Double-click on the intermediate certificate to display the certificate details.
  3. In the "General" tab, click on the "Install Certificate" button to open the Import Wizard.
  4. Then click on "Next".
  5. In the certificate import wizard select the option "Place all certificates in the following store" and click on "Browse...".
  6. Activate the option "show physical stores", expand the folder "Intermediate Certification Authorities" and select the folder "Local Computer".
  7. Now click "OK", then "Next" and then "Finish" to complete the installation of the Intermediate Certificate.
  8. It may be necessary to restart the IIS 7.

You can check whether the installation of the certificate has worked as desired by simply calling up the website with https instead of http as usual. The SSL Checker on our website offers you a more detailed check.

In case you have any question or experienced any problem, please do not hesitate to contact our support.

Back to the index...
Was this article helpful?
No Yes
We use cookies for the technical functionality of this website. With your consent, we also collect page views and other statistical data in anonymized form.

Only required
Accept all
Select individually
Cookie Settings
Read Privacy Statement