It is recommended that SSL Certificates are to be applied by internal IT as it is outside of the application and involves configuration changes on the web server itself.
This is to be used purely as a guide for securing your site with an SSL certificate in IIS. However there are alternate methods to applying a certificate and is subject to your organization's standards and the certificate provider.
Certificate Request generated in IIS
SSL installation in IIS requires one certificate file with the .p7b (or .cer) file extension.
In order to install the certificate, please follow the steps below.
Upload your Certificate
1. Press Win + R and type “inetmgr” in the appeared window to run the Internet Information Services (IIS) Manager.
2. On the IIS Manager home page, locate the Server Certificates icon and double-click it:
3. Locate the Actions panel on the right side and click Complete Certificate Request:
4. In the Specify Certificate Authority Response window, perform the actions below.a) In the File name containing the certification authority’s response field, browse the file system to select your .p7b (or .cer) certificate.
b) In the Friendly name field, specify any name that will help you to identify the certificate among other files. It is best to submit the actual domain name of the certificate.
c) In the Select a certificate store for the new certificate field, leave the default value Personal.
5. Click OK to import the certificate to the server storage.
6. Once the import is completed, in the Server Certificates window, you will see a new entry associated with the imported certificate:
Bind the Certificate
1. Assign the certificate to your website by expanding the Sites subsection in the Connections menu on the left and select the corresponding site. Then, in the Actions panel on the right side, locate the Edit Site menu and select the Bindings option:
2. On the right side of the Site Bindings window, click Add:
3. In the Add Site Binding window, modify the fields as below:
a) In the Type field, select https.
b) In the IP address field, select your website’s IP address or All Unassigned.
c) In the Port field, specify 443 (default).
d) In the SSL certificate field, select the previously imported certificate, which can be identified by the friendly name:
NOTE: The Require Server Name Indication box needs to be checked if there are multiple SSL certificates on the server.
4. Click OK in order for the new https entry to appear in the Site Bindings window:
That’s all – the certificate should now be installed and the website should be accessible via HTTPS.
The SSL installation status can be checked online via the SSL checker.