| MicroSoft iis 4.x SSL Installation |
|
 |
 |
| SSL is Not Supported when Host
Headers are used. For more information, please click
on the link below. |
IMPORTANT
HOST HEADER INFORMATION
Private Key Backup Instructions
Once you receive the email with
your certificate, follow the below instructions to
install your EBIZID SSL Certificate.
| There are Three certificates that need to be installed
during this process. The first is the "Site" certificate, contained in
the email from EBIZID. The second is the "GTE CyberTrust Root Certificate " and
the third is the "Comodo Class 3 intermediate Certificate". (All three
are required). |
Download
the correct Root and Intermediate Certificates
| When Install Requires |
Use these Certificates |
Bundled Root Certificates |
 Click to download |
Intermediate Certificate |
Click to download |
GTE Cyber Trust Root |
Click to download |
Install the new IIS SSL Server certificate by clicking on the key in the www directory (usually a broken key icon with a line through it), and select "Install Key Certificate".
Enter the Password.
When you are prompted for bindings, add the IP and Port Number. "Any assigned" is acceptable if you do not have any other IIS SSL certificates installed on the web server.
Note: Multiple certificates installed on the same web server will require a separate IP Address for each because SSL does not support host headers.
Go to the Computers menu and select the option "Commit Changes", or close Key Manager and select "Yes" when prompted to commit changes.
The new IIS SSL Server certificate is now successfully installed.
Back up the Key in Key Manager by clicking on Key menu> Export -> Backup File. Store the backup file on the hard drive AND off the server.
Intstalling the Root & Intermediate Certificates:
Your IIS SSL Certificate will have been emailed to you. The email will also contain two other Certificates: the ROOT certificate and Intermediate CA certificate .Save these Certificates to the desktop of the webserver machine.
It is essential that you have installed these two Certificates on the machine running IIS 4. You may also download them from the support section of the website:
Once you have installed the Certificates, restart the machine running IIS 4. You must now complete one of the following procedures - the procedure you follow is dependent on the Service Pack that has been implemented on your machine running IIS4.
ServicePack 3:
Install the above certificates in your Internet Explorer by opening each certificate and clicking "Install Certificate". You may then use this IIS CA batch file to transfer all root certificates from your Internet Explorer to the IIS (see Microsoft KnowledgeBase Q216339).
ServicePack 4:
Install the above certificates manually in a specicfic root store (you may also want to read (see Microsoft KnowledgeBase Q194788):
-
Install the Root certificate by double clicking on the corresponding file this will start an installation wizard
-
select Place all certificates in the following store and click browse
-
select Show physical stores
-
select Trusted Root Certification Authorities
-
select Local Computer, click OK
-
back in the wizard, click Next, click Finish
Repeat the same for the Intermediate CA Certificate however choose to place the certificates in the Intermediate Certification Authorities store.
ServicePack 5:
Same as SP4.
ServicePack 6:
Same as SP5.
Reboot the web server to complete the installation.
| The padlock icon on your Web browser will be displayed
in the locked position if you have set up your site properly. |
Unlike other files, key pair files cannot
just be copied. To make the backup, you must do an "export." To restore your system, you must do an "import."
This process assumes identical web server configurations are
used for exporting the key as well as for importing the key.
So both servers must be IIS. You can't go from one type of
server to another.
Open your Microsoft Management Console
via the IIS Internet Service Manager.
Click to open the Key Manager.
Select the key to be exported.
Select the Key menu and choose Export
Key Backup File. Click OK in the Key Manager Warning box.
Specify the destination for saving your
key, press OK.
Close your Key Manager and Management Console windows.
| You MUST remember
your password that was used to install your certificate.
You MUST HAVE this password if you ever need to recover
your certificate through the import process. |
You may now close the Key Manager and enable SSL on secure
your web server.
| You Must Restart your server for changes
to take effect. |
|
