In part one of my series on setting up SSL on IIS 6, I'll describe all of the steps that are necessary to request an SSL certificate for a website. Once you have completed your certificate request, you would send that to a Certificate Authority (CA) for approval. In subsequent blog posts I'll discuss submitting a certificate to a CA - specifically Certificate Services on Windows Server 2003 - and then I'll discuss obtaining a certificate and installing it on your IIS server. But for now, let's get started with a creating certificate request. To do so, use the following steps.
- Bring up the properties for a website:
- Switch to the "Directory Security" tab and click "Server Certificate:"
- Click "Next" to bypass the first page:
- Choose to "Create a new certificate" and click "Next":
- Choose to "Prepare the request now, but send later" and click "Next":
- Enter a friendly "Name" for the request, and your desired "Bit length". Click "Next":
- Enter your "Organization" and "Organization unit", then click "Next":
- Enter the "Common name" for your site then click "Next":
Note: This must be the actual web address that users will browse to when they hit your site.
- Enter your "Country", "State", and "City", then click "Next":
- Enter the "File name" for your request, then click Next:
- Review the information for your request, then click Next:
- Click "Finish" to exit the wizard.
FYI: If you were to open your request file in Notepad, it will look something like the following:
In the next post of my blog series, I'll show you how to use Certificate Services on Windows Server 2003 to obtain a certificate.