IIS7 : HOW TO configure a website for HTTPS?

  • Article

I will be discussing about configuring HTTPS for a website on IIS 7. The UI of the IIS manager in IIS 7 is completely different from that of IIS 6. Initially it will look as if you are going to use a brand new product which you are trying for the first time. But, if you are used to it, you will definitely appreciate the simplicity and easiness of configurations using IIS 7 manager.

To setup a website for HTTPS, you will definitely need the following things (apart from some general network stuffs like opening the port, firewall rule, etc):

1. Web Server Certificate

2. SSL Port

Getting a Web Server Certificate

To get a web server certificate, in IIS 6 manager, you will go into website’s properties à Directory Security and you will bring the Server Certificate wizard by clicking on the Server Certificate button under Secure communications. But, here in IIS 7, you can select this in a global place in the IIS 7 manager. Follow the below steps for the same:

1. Open the IIS 7 manager.

2. Select the computer name under Connections (in the left hand side).

3. Select the Features View and double click on the “Server Certificates” feature.

4. You will find options to create a Certificate request, Complete Certificate Request, Create Domain Certificate and Create Self-Signed Certificate under the Actions pane (in the right hand side).

5. For this example, lets create a self signed certificate – Click on “Create Self-Signed Certificate…”.

6. Specify a friendly name for the certificate and click on OK.

7. Our self-signed certificate will be created and ready to use.

Configuring the SSL port for a website

In IIS 6 manager, you will go into website’s properties and give the port number in the SSL port textbox. But, here in IIS 7, it is little different. Follow the below steps for the same:

1. Open the IIS 7 manager.

2. Select the website under Connections (in the left hand side).

3. Click on Bindings under the Actions pane (in the right hand side).

4. Now, click on Add.

5. Select the type as https and enter the Port – default will be 443.

6. You cannot click on the OK button till you select the SSL certificate for the site.

7. If you haven’t installed any server certificate, you won’t see any certificate listed in the drop down box. To get a server certificate, please follow the above steps under “Getting a Web Server certificate”.

8. Select the certificate and click on OK.

Now, your website is configured for SSL and it will be accessible via https. But, you may see some certificate related errors since this is a self-signed certificate.