Thursday, March 24, 2011

Attach a test SSL certificate to an IIS 5.x web site

Ok this took me a while to figure out so I thought it was worth documenting.  I have a web service that I wanted to test on my local pc.  The web service is configured to accept SSL connections only so I needed a way to attach a certificate to my local IIS for the purposes of testing.  This turned out not to be so easy.  Steps to achieve this area detailed below:
  1. Open a command prompt. (Under Win XP go to Start > Run and type cmd)
  2. Create a test certificate and place it in your Personal certificate store by typing the following on the command line:

     cd C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin. 
    makecert -r -pe -n "CN=www.myserver.com" -b 01/01/2000 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12

    Note: C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin is the location of makecert on my pc.  do a search on your C drive if you cannot find the program under this location. Note also that you will need to change www.myserver.com to the domain for your server.  if you are installing the certificate on your local PC you can just use localhost.
  3. Add the certificate you just created to your Trusted Root Certification Authorities store.
    1. Access to your certificate stores
      1. go to Start > Run and type mmc
      2. File > Add / Remove snapin
      3. click on Add
      4. click on Certificates 
      5. click on Add
      6. click on Computer account 
      7. click on Next
      8. click on local computer: (the ...
      9. click on Finnish
      10. click on Close
      11. Click on Ok
    2. Open Personal > Certificates
    3. The certificate you created above should appear here. Right click on it.
    4. Click on Copy 
    5. Right click on  Trusted Root Certification Authorities > Certificates
    6. click on Paste
      you should now have a certificate which can be used in your local IIS and which will be trusted by local apps connecting to web apps and services that use the certificate.
  4. Attach the certificate you just created to IIS
    1. open IIS.
    2. right click on the web site node in IIS (obviously there will only be one if you are using IIS 5.x) and then click on Properties
    3. Click on Directory Security
    4. Click on Server Certificate.
    5. click on Next
    6. click on Assign an existing certificate
    7. click on the certificate you created above
    8. click on Next
    9. click on Finnish
Done
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)