Generate a CSR and install the CRT file
Configure web.config to redirect all HTTP to HTTPS
Generate CSR or Renew Certificate
1. Open IIS
2. From the center menu double-click Server Certificates in the Security section.
3. Select the Actions menu from the right. Click Create Certificate Request.
4. The Request Certificate Wizard will appear. In the Distinguished Name Properties window enter information as prompted. Click Next.
5. In the Cryptographic Service Provider Properties window leave both settings at their defaults (Microsoft RSA SChannel Cryptographic Provider and 2048). Click Next.
6. Enter a file name and location to save your CSR to. You will need this CSR to enroll for your SSL Certificate.
7. Your CSR will now be saved to the location you selected in the file you named. When you request a certificate in the future you will need the information inside the file.
Install Certificate
1. Open IIS
2. From the center menu double-click Server Certificates in the Security section.
3. Select the Actions menu from the right. Click Complete Certificate Request.
4. The Complete Certificate Request wizard will appear. Enter the location and name of the SSL certificate you saved to your server earlier and then enter a “Friendly Name”. Click OK.
5. From the Connections menu in the main IIS Manager window select the name of the server to which the certificate was installed.
6. Under Sites select the site to be secured with SSL.
7. From the Actions menu click Bindings.
8. In the Site Bindings window click Add.
9. In the Add Site Bindings window choose Https under Type. The IP address should be the IP address of the site or All Unassigned. The Port should be 443. The SSL Certificate field should specify the certificate that was installed previously.
10. Click OK.
11. Restart IIS to complete the installation of your certificate.
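To confirm the result of the steps above, the following added example (not part of the original page) lists every HTTPS binding on the server with the certificate it points to, flagging missing private keys, RSA keys under the 2048-bit default used earlier, and certificates near expiry. It assumes an elevated PowerShell session on the IIS server with the WebAdministration module available; the 30-day warning threshold is an assumed value.

```powershell
# Added example: audit IIS HTTPS bindings and their certificates.
Import-Module WebAdministration

$warnDays = 30   # assumed renewal-warning threshold; adjust to your policy

foreach ($site in Get-Website) {
    foreach ($b in $site.Bindings.Collection) {
        if ($b.protocol -ne 'https') { continue }

        $issues = @()
        $cert   = $null

        # An HTTPS binding records the certificate thumbprint and store name.
        if ($b.certificateHash) {
            $store = if ($b.certificateStoreName) { $b.certificateStoreName } else { 'My' }
            $cert  = Get-Item "Cert:\LocalMachine\$store\$($b.certificateHash)" -ErrorAction SilentlyContinue
        }

        $keySize  = $null
        $daysLeft = $null
        if (-not $cert) {
            $issues += 'no certificate found for binding'
        } else {
            # GetRSAPublicKey returns $null for non-RSA (for example ECDSA) certificates.
            $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
            if ($rsa) { $keySize = $rsa.KeySize }
            $daysLeft = [math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)

            if (-not $cert.HasPrivateKey)          { $issues += 'private key missing' }
            if ($keySize -and $keySize -lt 2048)   { $issues += "RSA key is $keySize bits" }
            if ($daysLeft -lt 0)                   { $issues += 'expired' }
            elseif ($daysLeft -lt $warnDays)       { $issues += "expires in $daysLeft days" }
        }

        [pscustomobject]@{
            Site     = $site.Name
            Binding  = $b.bindingInformation
            SNI      = [bool]($b.sslFlags -band 1)   # 1 = Require Server Name Indication
            Subject  = if ($cert) { $cert.Subject } else { $null }
            KeySize  = $keySize
            DaysLeft = $daysLeft
            Issues   = $issues -join '; '
        }
    }
}
```

An empty Issues column means the binding resolved to a certificate with a private key, an adequate key size, and more than 30 days of validity left.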
Back Up Certificate
Export Your Certificate Using IIS
1. Open Microsoft IIS 7 Manager.
2. Select the Server Name from the left side pane.
3. Click the Server Certificates icon from the middle window.
4. Select the certificate you wish to export.
5. Give the certificate a file name and password.
6. Your certificate and private key have now been exported to a “.pfx” file.
Export Your Certificate Using the MMC
Create an MMC Snap-in for Managing Certificates
1. Open MMC (Start > Run > MMC).
2. Select File > Add/Remove Snap-in > Certificate > Add > OK.
3. Close the Add Standalone Snap-in window.
4. Click OK in the Add/Remove Snap-in window.
Export the Certificate With Private Key
1. Expand the Certificates Console Tree.
2. Locate the Personal folder. Click Certificates.
3. Select the certificate you wish to back up.
4. Right-click on the file and choose All Tasks > Export.
5. The Certificate Export Wizard will start up. Click Next.
6. Select Yes, Export the Private Key.
7. Select Include All Certificates in the Certification Path. Click Next.
8. Create a password to protect the export of the private key file with the certificate. Click Next.
9. Choose to save the file to a set location.
10. Type the file name in the appropriate box. Click Save.
11. Click Next > Finish.
12. You will receive the message “The export was successful” when the export has been completed. Click OK. The file will have a “.pfx” extension and will contain your certificate and corresponding private key.
Import PFX File Into IIS 7 Web Server
1. Open IIS Manager and navigate to the level you want to manage.
2. In Features View double-click Server Certificates.
3. In the Actions pane click Import.
4. In the Import Certificate dialog box type in a file name in the certificate file box or browse to navigate to the name of a file where the exported certificate is stored.
5. Type in the appropriate password if the certificate was exported with a password.
6. Select Allow This Certificate To Be Exported if you want to be able to export the certificate in the future. If you do not want to allow for this function, do not select the option. Click OK.
Using Multiple SSL Certificates for Multiple Sites in IIS
Note: the URL Rewrite module must be installed first. Download it from http://www.iis.net/downloads/microsoft/url-rewrite
Select Require Server Name Indication when adding the HTTPS binding.
Web.config redirect all HTTP to HTTPS
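<configuration>
  <system.webServer>
    <!-- The rewrite section belongs inside system.webServer and requires the URL Rewrite module -->
    <rewrite>
      <rules>
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
          <!-- Match every request path and capture it as {R:1} -->
          <match url="(.*)" />
          <conditions>
            <!-- Apply only when the request did not arrive over HTTPS -->
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          </conditions>
          <!-- redirectType="Found" issues an HTTP 302 redirect to the same host and path over HTTPS -->
          <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>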