Thursday, May 29, 2008

SSL Certification


In this post, we see how you can certify your Web Server, Web Site or Web Pages within a Web site. Here I have demonstrated at the Server Level.

Certify IIS with SSL –

It is a three step process.

· Generating a Certificate Request File

· Applying for a Server Certificate

· Installing Your Server Certificate

Generating a Certificate Request File

· Go to IIS – Default Web Site

· Properties – Directory Security Tab

· Server Certificate Button.

· This will launch the Web Server Certificagte Wizard for generating the CSR(Certificate Signing Request) file.

At the end of the wizard you’ll get something like below.

Important to note in this wizard – After few initial screens, one of the screen ask to enter ‘Common Name’. Below are the details.

Common name—

· Internet - Must be a FQDN (Fully Qualified Domain Name); for example, You should not include the protocol (http://).

· Intranet – Must be a computer’s NetBIOS name. e.g

Applying for a Server Certificate

After generation of a Certificate Request File, required is to apply for a server certificate from a certificate authority. These three are the more popular ones:

· Verisign Inc. (

· Thawte Consulting (

· GTE CyberTrust Solutions (

· Visit either of these sites and provide some identifying.

· After you provide this information, you can Submit Your CSR File (Mostly just a Copy Paste the Certificate file Content) through an online form.

· After your information is verified, you Receive An E-Mail Message that contains instructions for downloading your New Server Certificate.

Mostly, the certificate is dispalayed as content in a page. Then remaining is simply copying the contents form the IE page and pasting it into a new file with extension as .cer / .txt

Installing Your Server Certificate

· To do so, launch the Web Server Certificate Wizard once again as in 1st step.

· Choose the option labeled Process the Pending Request and Install the Certificate.

· This will prompt for the file with .cer extension saved above. You can execute the same with file having .txt extension as well.

· Choose the file and choose next, next.. and you are done.

· Now if you wish you can View the Certificate using the same– Directory Security Tab.

Using SSL in ASP.NET Pages

After the SSL is configured on the Web Server, we can request pages in both normal(http://) and secure fashion (https://).

· However, if we wish, we can force users to use SSL when requesting All Sites, Particular Site or Particular Pages in a Site.

· To do so, go to IIS and open the property sheet of either the Default Web Site, , Particular Site or Particular Pages in a Site.

· Choose the Directory Security or File Security tab. Next, click the Edit button.

· Under Secure Communications - Check Require Secure Channel.

· If you want to require 128-bit SSL, click the Encryption Settings button and choose Require 128-Bit Encryption.

Thanks & Regards,

Arun Manglick Senior Tech Lead

No comments:

Post a Comment