Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. This is because your private key will always be left on the server system where the CSR was originally created. With Microsoft systems the private key is hidden away and will only appear once the CSR request has been completed. Your SSL certificate will not work without this private key file. We will assume that this is the original system.
To Install your SSL certificate on Windows Server 2003 – IIS 6 perform the following.
Step 1: Picking up your SSL Certificate.
- If you had the option of server type during enrollment and selected Microsoft you will receive a pkcs#7/.p7b version of your certificate within the email. Alternately you can access your Certificate User Portal by the supplied link in the email to pick up the pkcs#7 version of your certificate.
- Copy the SSL certificate and make sure to copy the —–BEGIN CERTIFICATE—–
and —–END CERTIFICATE—– header and footer Ensure there are no white spaces, extra line breaks or additional characters. Use a plain text editor such as Notepad, paste the content of the certificate and save it with extension .p7b (When performing this on a Windows system the Icon of the file should change into a certificate icon)
Step 2: Processing the pending request on the website in order to install certificate:
- Open the Internet Services Manager (IIS):
- Click Start
- Select All Programs
- Select Administrative Tools
- Choose Internet Information Services (IIS) Manager
- Under Web Sites, right-click your web site and select Properties.
- Click the Directory Security tab > Server Certificate.
- The Web Site Certificate Wizard will open, click Next.
- Choose Process the Pending Request and Install the Certificate, then click Next.
Note: The pending request must match the response file. If you deleted the pending request in error or do not see this option then you must generate a new pending request CSR on the website in question.
- Select the location of the certificate response file, and then click Next.
Note: By default the wizard will look for a “.cer” file. Click the drop-down arrow next to File Types, and select All Files. Then Browse to the location where the certificate .p7b file was saved. - Read the summary screen to be sure that you are processing the correct certificate and then click Next.
- You see a confirmation screen. After you read this information, click Next.
- Be sure to assign your site an SSL port (443 by default).
- Stop and start your Web server prior to any testing.
Note: In some cases the changes may not take place after restarting IIS Services and a re-boot is needed.
Your SSL certificate is now installed on your Windows Server 2003 – IIS 6 and the website is now configured.
If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.
Microsoft Support
For more information refer to Microsoft.