HTTPS For IIS v8.5

1 minute read

Description:

I followed these steps to enable HTTPS on some of our websites. NOTE: We already had a wildcard SSL cert purchased prior to me running these steps.

To Resolve:

  1. Inside IIS Manager, go to “Server Certificates” and choose the option to “create a request”. Fill out the information:

common name = FQDN of the server
organization = Company Nameorganizational unit = IT
city/ state/ province = self explanatory

  1. Click Next – Choose: Microsoft RSA and 2048 bit length – Next – Export to desktop (we will delete shortly).

  2. Open up web browser and go to Digicert.com and sign in. Go to Orders – click on your domain wildcard cert – Get a duplicate.

  3. Paste in your key from step 2. It will say to wait a few minutes, and then you can download your keys.

  4. Once you download them to your server, open IIS Manager – Server Certificates – Complete Request. Fill out the information:

filename = path\to\file
friendly name = your domain name
select store = personal

  1. Once the cert is installed, go to your site in the list of websites in IIS Manager. Select “bindings” and add 443 with your cert. I usually check the box for “require server name indication” and type out the FQDN of the server.

  2. Next, we create an inbound rule under URL Rewrite (If it’s not there, install from here):

name = http to https
Match URL:
Requested URL: Matches the pattern
Using: Regular Expressions
Pattern: (.*)
Ignore case = checked
Conditions:
Logical grouping: Match All
Input: {HTTPS}
Type: Matches the Pattern
Pattern: ^OFF$
Action:
Action Type: Redirect
Redirect URL: https://{HTTP_HOST}/{R:1}
Append query string = Checked
Redirect Type = Permanent (301)

  1. Restart the website, it should start redirecting to HTTPS now. You may want to enable SSL Rebind, but I didn’t go that far.

References:

https://www.digicert.com/csr-creation-microsoft-iis-8.htm
https://www.digicert.com/ssl-certificate-installation-microsoft-iis-8.htm

Tags: ,

Categories:

Updated: