How to Request and Install an SSL Certificate on IIS 4
By Ian Stallings
With all the hype over security on the Internet, it is hard to
convince customers that your site is secure. One of the steps you
should take to ease their minds is using SSL to secure your
But what is SSL? SSL or Secure Sockets Layer is a method of
encryption made by Netscape and adopted by the Industry to allow
secure communication on the Internet. It is based on the
Public-and-private key encryption system from RSA. If you've ever
purchased anything on the Internet than chances are you've used SSL.
Using IIS 4 it is relatively easy implement SSL. The first step in
the process is to make the CSR (Certificate Signing Request) that
you will submit to the Certificate Authority. They in turn will
process it and then send you a key.
Making the CSR
First, In the MMC. Open the Key Manager and go to "KEY" then select
"Create New Key"
Next, Select "Put the request in a file that you will send to an
authority" and give you file a path and a name that you will
Next, enter your password.
Note: if you forget this password you will not be able to install
Next, enter you orginization information. The common name needs to
be the address of the site such as "www.whatever.com". You cannot
use odd characters such as '&%^$#" in any of the following fields.
On the next screen, enter your location info.
Finally, Fill in the name of the site owner in the fields.
You have made a CSR now and can hit "Finish".
Note: All information entered should be the information of the
site's owner. In other words if the domain is owned by Joe Smith
then you should enter Joe Smith in the CSR.
After making the CSR file you should contact a Certificate Authority
about instructions on how to send it and what other documentation
they will need. Usually they require incorporation papers, a signed
authorization for from the CEO or owner, and proof of domain name
Installing the SSL Certificate:
After the Certificate Authority has processed your request they will
send you a SSL certificate (or point you to a place where you can
retrieve it). You can then install the certificate in IIS. This is
First, Open the Key Manager.
Click on "Key"
Click "Install Key Certificate". Next, enter the name of the
file the certificate is in as well as the path to that file.
You'll enter the password that you entered when you generated
You can now use SSL (https://) on your site.
http://www.Verisign.com (Certificate Authority)
http://www.Thawte.com (Certificate Authority)
And that's it. If you have any comments or questions feel free to