Configure Secure Socket Layer (SSL) in IIS 7 or IIS 7.5 in Windows 7
Posted by: Suprotim Agarwal
in Category ASP.NET
Abstract: In this article, we will see how to configure Secure Socket Layer (SSL) in IIS 7.x.
HTTPS is a secure communications channel that is used to exchange sensitive information like User Credentials, Credit Card details etc. between a client computer and a server. It uses SSL which encrypts communication over a network like the internet.
In this article, we will see how to configure Secure Socket Layer (SSL) in IIS 7.x in a Windows 7 machine. To enable SSL in IIS, you must first obtain a certificate that is used to encrypt and decrypt the information transferred over a network.
I assume you have configured IIS 7 on your Windows 7 box and have ASP.NET registered on your IIS server. If you have not yet configured IIS on your Windows 7 box, I strongly suggest you to read these two posts before continuing further
Install IIS 7 on Windows 7
Resolving ASP.NET 4.0 has not been Registered on the Web Server Error
Assuming you are all set, go to Start > All Programs > Accessories > Run. Type Inetmgr and hit enter. This opens up the IIS Manager. In the IIS Manager > Select the root node > Double click ‘Server Certificates’
If you have a list of Server Certificates installed on your server, you will be able to view them now. But it happens that I do not have any on my server. In that I can either ‘Create Certificate Request’ or use a ‘Self-Signed Certificate’ for testing purpose.
Note: If you choose the ‘Create Certificate Request’ option, IIS creates a Base64 encoded request. You can then submit this request to a Certificate Authority (like Verisign) and receive a SSL certificate which can be registered on your web server using the ‘Complete Certificate Request’ that you see in the screenshot above.
However if you choose the ‘Create Self-Signed certificate option, then IIS creates a self-signed certificate for your own server. It is an easy option if you plan to use HTTPS for local testing purpose. Remember that you can access this certificate only from your machine.
We will go ahead with creating a Self-Signed certificate for testing purpose. Click the ‘Create Self-Signed certificate’ link > Enter a friendly name for the certificate request and hit OK.
As you can see in the screenshot below, we have a self-signed certificate that we can use for testing purpose.
The last step is to set the protocol for SSL for your website. To do so, select your website in the IIS Manager > In the Action pane, select Bindings > Add Site Binding
Select the Type https and ‘SampleCert’ as SSL certificate and click OK
Your Website is now SSL enabled. To test, type https://localhost/YourSiteName and you should be able to see the default page.
I hope you liked the article and I thank you for viewing it.