Issuing your own Server Certificates
When setting up SSL, IIS requires a server certificate to be present. A simple developer setup would be to install certificate services basically as a stand alone root CA and use it to get your server certificate.
You basically set the sever certificate using IIS snap-in. Navigate to the default website properties and on directory security you can set the server certificate. The point is that when doing this, online requests for server certificates can be made only to local and remote enterprise certificate services and remote standalone certificate services. So this means you would basically have to build an offline request and save the request file. You then submit it to your CA at https://<machinename>/certsrv by selecting
- Request a Certificate
- Advanced certificate Request
- Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
You can then proceed where you left off on the IIS snap-in to setup the cert.
Read More