4GuysFromRolla.com

Site Index

Resources:
  -Recent Articles
  -All Articles
  -ASP F.A.Q.
  -ASP Coding Tips
  -ASP Internet Resource
  -Search
  -Web Message Board
  -Commonly Asked MessageBoard Questions
  -Newsletter
  -Free Raffle!
  -Book Reviews
  -Stump the SQL Guru
  -Live WebChat!
  -ASPWire.com Headlines
  -Official Docs
  -Web Hosts
  -Cool Crap!
  -Free Stuff!!
  -Share this URL with a Friend
  -Print this Article

Columnists:
  -Abd Shomad
  -Alex Buchanan
  -Bart Silverstein
  -Christopher Miller
  -Ian Stallings
  -Joao Vieira
  -Julian Sitkewich
  -Roger Drye
  -Ryan S.

Information:
  -Advertise
  -Feedback
  -Author an Article
  -Link to 4Guys!
  -Thanks to...
  -Legal

Search

Most Viewed Pages

1. ASP FAQ
2. ASP Coding Tips
3. ASP Internet Resource
4. 4Guys Humor!
5. The lowdown on #includes
6. A Generic Database Record Insertion Script
7. Stump the SQL Guru
8. An Introduction to Regular Expression with VBScript
9. Using the FileSystemObject for Web Site Maintenance
10. Commonly Asked Messageboard Questions

Best ASP Website

Oh, just in case you didn't know, 4GuysFromRolla.com was awarded the best ASP website of 1998!! Thanks for helping make 4Guys such a great site!

Web Technology

[Search]

How to Request and Install an SSL Certificate on IIS 4
By Ian Stallings

With all the hype over security on the Internet, it is hard to convince customers that your site is secure. One of the steps you should take to ease their minds is using SSL to secure your transactions.

But what is SSL? SSL or Secure Sockets Layer is a method of encryption made by Netscape and adopted by the Industry to allow secure communication on the Internet. It is based on the Public-and-private key encryption system from RSA. If you've ever purchased anything on the Internet than chances are you've used SSL.

Using IIS 4 it is relatively easy implement SSL. The first step in the process is to make the CSR (Certificate Signing Request) that you will submit to the Certificate Authority. They in turn will process it and then send you a key.

Making the CSR
First, In the MMC. Open the Key Manager and go to "KEY" then select "Create New Key"

Next, Select "Put the request in a file that you will send to an authority" and give you file a path and a name that you will remember.

Next, enter your password. Note: if you forget this password you will not be able to install your certificate.

Next, enter you orginization information. The common name needs to be the address of the site such as "www.whatever.com". You cannot use odd characters such as '&%^$#" in any of the following fields.

On the next screen, enter your location info.

Finally, Fill in the name of the site owner in the fields.

You have made a CSR now and can hit "Finish".

Note: All information entered should be the information of the site's owner. In other words if the domain is owned by Joe Smith then you should enter Joe Smith in the CSR.

After making the CSR file you should contact a Certificate Authority about instructions on how to send it and what other documentation they will need. Usually they require incorporation papers, a signed authorization for from the CEO or owner, and proof of domain name ownership.

Installing the SSL Certificate:
After the Certificate Authority has processed your request they will send you a SSL certificate (or point you to a place where you can retrieve it). You can then install the certificate in IIS. This is pretty simple.

Click on "Key"

Click "Install Key Certificate". Next, enter the name of the file the certificate is in as well as the path to that file.

You'll enter the password that you entered when you generated the CSR.

You can now use SSL (https://) on your site.

Related Sites:
http://www.RSA.com
http://www.Verisign.com (Certificate Authority)
http://www.Thawte.com (Certificate Authority)

And that's it. If you have any comments or questions feel free to contact me.

Happy Programming!