Click here to Skip to main content
15,867,686 members
Articles / Web Development / ASP.NET

Securing My Website Using SSL in Local IIS (5.1 and Above)?

Rate me:
Please Sign up or sign in to vote.
4.09/5 (12 votes)
6 Feb 2010CPOL6 min read 34.5K   32   6
Easily, SSL can be implemented in your local IIS for learning and testing purposes.
Image 1

Introduction

There are hundreds of sites that show how you can secure a website using SSL in local IIS mainly for testing and learning purposes.

Here I will discuss in the easiest way that took me 2 days. I don't want any other person to take 2 more days. As we know, there are many CA vendors (CA-Certificate Authorities) that offer certificates, such as Verisign, Godaddy and many more. Just choose any one of them and try it out. The steps involved in using SSL in IIS are as follows:

  1. Installing IIS
  2. Deploying your test website to IIS
  3. Creating a certificate request
  4. Receiving the certificate and installing in Browser and Server
  5. Testing your secured https website

1. Installing IIS

Go to start > control Panel > add or remove program >add/remove Windows component (available on the left column of add/remove program) > select/check Internet Information Server(IIS) > Click Next.

It will ask for Windows CD. (Mind you, IIS can install in some selected OS such as Windows XP professional, Windows server, but not in XP Home.)

Insert your Windows CD and click OK. Note - This is the only way to install IIS in your system. You cannot download IIS and install which I tried for many hours. For specific OS, there is a specific IIS version. (See the pictures below for details.)

Image 2

2. Deploying Your Test Website to IIS

Go to start > Control Panel > Performance and maintenance > Administrator tools > Double click the ‘Internet Information Server’ icon.

Now you can see IIS opening with a vertical column on the left side. Now expand your Computer Name (local computer)> web sites > Default web site.

Right click on ‘Default web site’ folder and choose Properties menu. Now you can see “Default Web site Properties” windows. Choose New > Virtual Directory > Click Next and give an Allies name of your project (say myTestWebstie) as in the figure below, then browse and choose your Test website location (say D:\TestPublished\). Remember, you need to build your test web site from Visual Studio (2005/2008/2010) and publish it before you copy to your virtual Directory. (See 2nd image.)

Image 3

Image 4

3. Creating a Certificate Request

Go to start > control Panel > Performance and maintenance > Administrator tools > Double click the ‘Internet Information Server’ icon. Now you can see IIS opening with a column on the left side. Now expand your Computer Name(local computer)> web sites > Default web site. Right click on ‘Default web site’ folder and choose Properties menu. Now you can see “Default Web site Properties” windows. Select the tab “Directory security” as in figure and click “Server Certificate” under the “Secure Communication”. Click the Next button of Certificate Wizard.

Choose “Create a new Certificate” >Next > Prepare the request now, but send it later > Next > Give a name for your Certificate and Bit Length as 1024. > Next > Give your company/Organization name + Organization Unit > Next > Enter Country / Region + Sate + City > Next > Save your request certificate file as .txt file (say c:\certieq.txt) > click Next and close the window.

Now your certificate request has been created. If you look at your request certificate file (c:\certieq.txt), you can see a series of crazy strings, something like that shown below:

-----BEGIN CERTIFICATE-----
MIIEVzCCAz+gAwIBAgIQFoFkpCjKEt
jDELMAkGA1UEBhMCVVMxFzAVBg
EydGb3IgVGVzdCBQdXJwb3NlcyBPb
BAMTKVZlcmlTaWduIFRyaWFsIFNlY
DTA5MDQwMTAwMDAwMFoXDTI5
aQNg95KnKGrrDUI= 
-----END CERTIFICATE-----  

Using this request SSL certificate text, you can now request for the SSL certificate from any of the CAs (Certificate Authorities) such as Verisign, Godaddy, etc. You need to submit the above generated crazy string to get SSL Certificate from a CA (say Verisign). After submitting your request SSL certificate text, you will receive another SSL Certificate Text from your CA (say Verisign) as a series of crazy strings like the one which we submitted to them as request. For your simplification, check those images below and try.

Image 5

Image 6

Image 7

Image 8

Image 9

Image 10

Image 11

4. Receiving the Certificate and Installing in Browser

After receiving the SSL certificate, we need to save as XXX.cer format with CER extension (say c:\myCertificate.cer). You might be receiving it as text file or sometimes a certificate key. In case you receive it as key file, no need to save as xxx.cer (xxx is your file name) format because they will already be named something like keyname.cer. Then to install in your client browser, you need to do the following steps:

  1. Open a Microsoft Internet Explorer Browser.
  2. Go to Tools > Internet Options > Content > Certificates.
  3. Click Import. A certificate manager Import Wizard will appear. Click Next.
  4. Browse to the location of the recently stored root (done in step 2). Select files for file type.
  5. Select the certificate and click Open.
  6. Click Next.
  7. Select “Automatically select the certificate store based on the type of the certificate”. Click Ok.
  8. Click Next then Finish.
  9. When prompted and asked if you wish to add the following certificate to the root store, click Yes.

Installing Certificate in Server (IIS)

We just need to start as in Step 5 (Creating certificate request).

Go to start > control Panel > Performance and maintenance > Administrator tools > Double click the ‘Internet Information Server’ icon. Now you can see IIS opening with a column on the left side. Now expand your Computer Name (local computer)> web sites > Default web site. Right click on ‘Default web site’ folder and choose Properties menu. Now you can see “Default Web site Properties” windows. Select the tab “Directory security” as in the figure and click “Server Certificate” under the “Secure Communication”. Click the Next button of Certificate Wizard.

This time, we will choose “Proceed the Pending Request and install the certificate”. Then click browse and choose your certificate location which you have received and save in Step 4.(c:\myCertificate.cer in the above example). Then click Next and complete the wizard. If you get an error like “Pending request for this certificate not found….”, it shows that the replied certificate which you got is incorrect or not the reply of your request certificate.

6. Testing Your Secured HTTPS Website

Here comes the last part that is testing.

Go to start > control Panel > Performance and maintenance > Administrator tools > Double click the ‘Internet Information Server’ icon. Now you can see IIS opening with a column on the left side. Now expand your Computer Name (local computer)> web sites > Default web site > and select myTestWebsite folder. On the right hand side column, you can see your web pages which you have created using ASP.NET. Right click on the Default.aspx and click Browse as in fig 1.3. You can see Internet Explorer opening and saying that to type https:// instead of http://, which means that your web site is using SSL (https) and not http.

If your application is not able to run giving some error like “XML Parsing Error: not well-formed Line Number 1, Column 2' Error” in your browser, then you need to re-register the framework with IIS. You can do it by running “aspnet_regiis.exe -i” in VS command prompt.

Image 12

Thanks and enjoy SSL test.

Asem Ibohal

History

  • 6th February, 2010: Initial post

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Web Developer someCompany
India India
just love to code..

Comments and Discussions

 
GeneralMy vote of 3 Pin
Nikhil wa ghmare9-Mar-12 23:14
Nikhil wa ghmare9-Mar-12 23:14 
GeneralMy vote of 5 Pin
Amir Mehrabi-Jorshari23-Feb-12 10:34
Amir Mehrabi-Jorshari23-Feb-12 10:34 
GeneralMy vote of 4 Pin
Member 43208446-Jan-12 8:43
Member 43208446-Jan-12 8:43 
GeneralUsing IIS resource kit Pin
Dinesh Mani7-Feb-10 20:56
Dinesh Mani7-Feb-10 20:56 
Generalgood article can u do one for IIS 7 and above Pin
gaurav_verma_mca6-Feb-10 5:24
gaurav_verma_mca6-Feb-10 5:24 
GeneralDon't use 1024 certificates Pin
Alaric Dailey6-Feb-10 5:22
Alaric Dailey6-Feb-10 5:22 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.