To request a certificate for your IIS web server, you have 2 options :
To request a certificate from the mmc console, launch this console from the server where IIS is installed.
Then, in the mmc console that appears, go to : File -> Add/Remove Snap-in.
Add the "Certificates" component.
Choose "Computer account" and click Next.
Leave the "Local computer..." option selected and click Finish.
As you can see, by default we don't have a personal certificate on our web server.
Right-click on your "Personal" certificate store and click : All Tasks -> Request New Certificate.
The "Certificate Enrollment" wizard appears.
Check the box for the new certificate template you just created and click the "More information is required to enroll for this certificate" link that appears.
Note : if this certificate template doesn't appear in your case, make sure that :
For the link displayed in blue, it's present only if the "Supply in the request" option is selected in the "Subject Name" tab.
In the "Certificate Properties" window that appears, select "Common name" as the subject type and type in the domain name of your web server.
More precisely, the name to be indicated is the one that you wish to specify in the address bar of your browser to access the website hosted on it.
Note : if the name you want to use to access your website is different from the domain name of your web server, an additional DNS record will need to be created on your local DNS server.
Once the common name has been indicated, click on the "Add" button.
The desired common name (CN) appears on the right.
Note : the common name (CN) is the only mandatory information. The rest is optional.
In the "General" tab, you can specify a friendly name for it if you wish.
This makes it easier for you to identify your certificates in the future.
However, be aware that this name is also publicly visible if someone looks at the certificate information protecting your IIS web server.
Then, click OK.
Now, the blue link is gone.
Click on : Enroll.
After successful certificate enrollment, click Finish.
The enrolled (issued) certificate will appear in your web server's "Personal" certificate store.
If you double click on it, you will see that this one :
If you go to the "Details" tab and select the "Subject" field, you will see that the common name corresponds to the domain name of your web server.
As expected, you can see the public key of this certificate (and any visitor will also have access to it).
Indeed, it's thanks to this public key that the visitor can decrypt the response sent by your web server (response which was previously encrypted thanks to the associated private key).
If you select the "Certificate Template Information" field, you will be able to see the unique identifier of the certificate template used.
If you select the "Application Policies" field, you will see that this certificate will be used for server authentication.
As explained previously, if you provide a friendly name for your certificate, it will appear in the certificate information.
Field that will also be publicly visible to visitors to your website.
Windows Server 1/5/2024
Windows Server 10/13/2023
Windows Server 12/8/2023
Windows Server 9/15/2023
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.