How to install SSL certificate in IIS

How to install SSL certificate in IIS

Looking for a tutorial on how to install an SSL certificate in IIS? Stay with us until the end of this article so that we can give some tips about training and how to install SSL certificate in IIS. SSL, which is a type of security certificate, stands for Secure Sockets Layer. The security of the data that is transmitted in the network must be ensured. This security protocol is used for this purpose. IIS or Internet Information Service are Microsoft’s proprietary servers designed for Microsoft .NET.

Before learning how to install an SSL certificate in IIS, it’s good to know why we should use an SSL certificate at all ? Strengthening the site’s security layers is always one of the main concerns of website owners. One of the available solutions to provide more security for any website is to install an SSL security certificate on that site. The purpose of using this security protocol is to change HTTP to HTTPS.

HTTPS stands for Hypertext Transfer Protocol Secure. Therefore, it can be defined as a fully secure hypertext data transfer protocol. In general, the purpose of using the SSL protocol is to encrypt the data so that it cannot be accessed by hackers and attackers. IIS is also a powerful web server with special features provided by Microsoft. If you don’t know how to enable SSL in IIS, read on.

Install SSL certificate in IIS

The first thing to learn about installing an SSL certificate in IIS is to know that before anything you need to install an intermediate level SSL certificate on your Windows server. What is an intermediate SSL certificate? Intermediate Certification is part of the Windows Server certification chain. In other words, if we divide this chain into three parts, the first part of the chain is the Root Certificate, the middle part is the Intermediate Certificate, and the last part of this chain is the End User Certificate. After installing the intermediate certificate, you need to install SSL in IIS. Follow the steps below:

  1. First, save the SSL certificate on the server where you generated the CSR. The extension of this file should be
  2. Enter the iis software and select the desired server from the box on the left side of the IIS server manager page.

  1. Then, select the Server Certificates item from the middle box among the items.
  2. After selecting the above item, a box will be displayed on the right side of the screen. From this box, click on Complete Certificate Request… option.

  1. First find the CRS file path on the server and then select it.
  2. A box called Friendly name will open and you should choose a name for your certificate and enter it in this box.
  3. In the next box, two options will be displayed. If you want to install a standard certificate, click on the Personal option. Choosing the Web Hosting option is for when the certificate can be issued on several SNI names.

  1. Finally, by selecting the OK option, the installation of the SSL certificate will be completed.

Now that you have learned how to install an SSL certificate in IIS, you should know how to assign this certificate to the desired website in IIS after installing this security certificate on IIS.

Enable SSL on the website

The work is not finished with the tutorial on installing an SSL certificate in IIS. In the next step, you need to activate SSL on the website. To enable SSL on the website in IIS, do the following steps in order:

  1. Again, on the IIS Server Manager page, from the box you see on the left side of the page, click on the third option, the site section.
  2. By clicking on this section, you will see the Default Web Site option, which you should click on.
  3. By clicking on this option, select the .. option in the right box.
  4. Selecting this item will open a page called Site Bindings. In the right box, select the first option, i.e. Add.

  1. Then several boxes will be displayed. In the Type box, select https. The port should also be set to 443 by default.

  1. A little lower you will see a box titled SSL certificate. The name of this SSL certificate is actually the same Friendly name that you set in the fifth step of the SSL certificate installation tutorial in IIS. In front of this box, you will see two options called Select and View. Click on Select.
  2. Finally, select OK.

After you have gone through the above steps, the settings will be displayed in the Site Bindings section. If https was set to port 443, you have followed the steps correctly and managed to enable ssl on the website.

How to fix the error in activating SSL certificates in IIS

After installing the ssl certificate in iis you may encounter an error. Sometimes it happens that after installing and activating ssl on Windows servers, the certificate is not activated correctly on the desired domain or it shows a different certificate instead of the original certificate. If you are using the Plesk control panel, you are more likely to encounter this error.

But why does this error occur? The point that you should pay attention to in the tutorial on installing an SSL certificate in IIS is that if the binding of a certificate on port 443 is left in the IIS settings, you will see this error. You have to fix this problem through cmd. To fix this error, do the following steps:

  1. First, enter the following command with administrator access:

netsh http show sslcert > C:\certificates.txt

  1. Now you should see the txt file. If there is a binding for port 443, you need to run the following command to remove it:

netsh http delete sslcert ipport=203.0.113.2:443

  1. At the end of these steps, you need to reset IIS. You can easily do this with the iisreset command.

By performing the above steps correctly, the error will be fixed and the SSL certificate will be successfully activated in IIS.

buy ssl; What is the best type of SSL?

Now that you have learned how to install an SSL certificate in IIS, it is good to know that there are different types of SSLs. Knowing them will help you choose and buy the most suitable one for your website. The types of SSL security certificates are:

  • SSL DV
  • SSL OV
  • SSL EV
  • SSL Wildcard
  • SSL MDC

SSL DV

If you want an SSL certificate that can be authenticated and verified quickly, you should choose SSL DV. SSL Domain Validation is one of the most popular ssl certificates among users. The authentication of this certificate is through the domain and is done in the shortest possible time.

SSL EV

If you are a large organization or company, it is better to use SSL EV. SSL Extended Validation authentication is done only by providing an organizational certificate and identity documents of a company or organization. Although authentication and installation of this certificate is a longer and time-consuming process for large organizations, the best option for large organizations is this type of SSL.

SSL OV

If you are a small company or organization and don’t want to get involved in the lengthy authentication process of SSL EV, you can use SSL OV. The SSL Organization authentication process is less expensive than SSL EV and can be done in a shorter period of time.

SSL Wildcard and SSL MDC

If you want to put the subdomains of your website under the SSL certificate in addition to the main domain, you must use the Wildcard SSL certificate. SSL MDC can also be used for up to 100 different domains, domains that are set on the same IP.

Can SSL certificate be used for free?

All websites can use a free SSL security certificate. We reviewed the tutorial on installing an SSL certificate in IIS a little while ago. Installing free ssl on iis is the same. But the thing you have to remember is the limited time period of using the free version of SSL. After this period of time has passed and the validity of the free version of SSL has expired, you must purchase one of its types. Buying ssl is one of the necessary measures to maintain the security of any website.

How is TSL different from SSL?

If you want a newer, more advanced version with more security, you can use TSL instead of SSL. Just like SSL, TSL is a security protocol between user and software. This protocol is used to maintain security between two systems on the Internet. In terms of application, TSL and SSL are similar; With the difference that TSL can be considered an updated version of SSL.

Note that TSL is not a separate protocol; This protocol is based on SSL. So if you buy the latest version of SSL, you have actually bought a TSL protocol. If you are looking for a tutorial on how to install a TSL certificate in IIS, there is no difference with enabling TSL in IIS in the tutorial on how to install an SSL certificate in IIS that we reviewed a little while ago.

Why should we take SSL seriously?

Why is it so important to learn how to install an SSL certificate in IIS? Site security is the most important issue that you should never neglect. There are 2 very important reasons that will definitely force you to activate SSL in IIS. How to know if a site uses this certificate or not?

When you open a page of a site, if you see https in the page address, it means that the site in question uses an SSL certificate. This certificate has advantages for both the user and the website owners that we have mentioned below.

1. Getting the user’s trust

When you install the SSL certificate on your website, an s will be added to the HTTP protocol in your website address and it will be displayed as HTTPS. If your site visitors know about these things, they will know that you are using an SSL certificate. If your site’s field of activity is such that it requires receiving information from the user, having this certificate will have a great impact on gaining the user’s trust.

2. Positive points for SEO

If you use this certificate, Google will also notice that your site is safe. Therefore, it gives more value and credibility to your site. Showing your site results by Google over sites that do not have this certificate is a priority for this search engine. With these interpretations, it is better to activate this certificate right now by learning how to install an SSL certificate in IIS.

support hosting100