Send to printer
1. Create a Certificate Snap-in in Microsoft Management Console (MMC)
 

To create a Certificate Snap-in in the Microsoft Management Console (MMC) to manage your certificates, follow these steps:

  1. From your Web server, click Start > Run.
  2. Type mmc in the text box and click OK.
  3. From the Microsoft Management Console (MMC) menu bar, select Console (in IIS 5.0) and  File (in IIS 6.0), then Add/Remove Snap-in.
  4. Click Add.
  5. From the list of snap-ins, select Certificates, and then click Add.
  6. Select Computer account and click Next.
  7. Select Local computer (the computer this console is running on), and then click Finish.
  8. In the snap-in list window, click Close.
  9. In the Add/Remove Snap-in window, click OK.
  10. Save these console settings for future use.

 

2. EXPORT SSL from Server

Step 1: Create a Microsoft Management Console (MMC) Snap-in for managing certificates

Create a Microsoft Management Console (MMC) Snap-in for managing certificates, as described in solution vs4224.

Step 2: Export the certificate

  1. Open the Certificates (Local Computer) snap-in you added, and select Personal > Certificates.
  2. The Subject field of the certificate lists the Common Name (CN). (Click Tools > Internet Options > Content to view the Common Name if you are not sure).
  3. Right-click on the desired certificate and select All Tasks > Export. The Certificate Export Wizard opens.
  4. Select Yes, export the private key.
  5. Click Next.
  6. In the Export File Format window, ensure the option for Personal Information Exchange  - PKCS#12 (.pfx) is selected.
  7. Select Include all certificates in the certificate path if possible and then click Next. (If you do not select the Include all certificates in the certificate path if possible option, your server may not recognize the issuer of the certificate, which may result in security warnings for your clients.
  8. De-select Require Strong Encryption. (This may cause a password prompt every time an application attempts to access the private key or it may cause IIS to fail).
  9. Click Next.
  10. Enter and confirm a password to protect the PFX file and click Next.
  11. Choose a file name and location for the export file (do not include an extension in your file name; the wizard automatically adds the PFX extension for you).
  12. Click Next.
  13. Read the summary and verify that the information is correct. Pay special attention to where you saved the file. Ensure that the information is correct.
  14. Click Finish.

VeriSign highly recommends that you save the file to a diskette or CD and store it in a safe place.

 

 

3. Import SSL

Import the Certificate

  1. Create a Microsoft Management Console (MMC) snap-in for managing certificates, as described in solution vs4224. (Note: You must use the Computer Account when creating the Snap-in)
  2. Open the Microsoft Management Console (MMC).
  3. On the left pane, click Certificates.
  4. On the right pane, double-click Personal.
  5. On the right pane, right-click Certificates and select All Tasks > Import (this opens the Certificate Import Wizard). Click Next.
  6. Browse to the certificate that you want to import and click Next.
  7. Enter the password used to secure the certificate for export and then click OK.
  8. To export the certificate again from this computer, select Mark the key as exportable.
  9. Select the option Automatically select the certificate store based on the type of certificate. (This ensures all the certificates in the certification path (Root, Intermediate, and Server) are stored in the proper place. Problems may occur if a certificate is placed in the wrong store.) Click Next.
  10. Click Finish. A message confirms successful import. Click OK.

Assign the Certificate

  1. Open the Internet Information Services (IIS) Manager: Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manger.
  2. In the Web Sites section, right-click your Web Site and select Properties.
  3. Click the Directory Security tab.
  4. In the Secure Communications section, click Server Certificate (this opens the Web Server Certificate Wizard) and then click Next.
  5. Select Assign an existing certificate and then click Next.
  6. Select the certificate to import (denoted by the Common Name) and then click Next.
  7. A summary page displays the details of the certificate that you are installing. Ensure that this information is correct and then click Next.
  8. Click Finish.