Thursday, June 11, 2009

Using HTTPS in the Microsoft World

Using https on the server is fairly easy for internal testing in the Microsoft world. Since this is a self-signed certificate the users will get a warning that the certificate is untrusted. Using a self-signed certificate is not appropriate for sites used by the general public, but is good enough for internal sites and testing.

Here's some tips on how to do it:

*How to create a self-signed certificate. Change "" below, but everything else is OK.
makecert -r -pe -n "" -b 01/01/2000 -e 01/01/2036 -eku -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12

*How to install the newly created certificate
Open "Internet Information Services", right click on "Default Web Site", select the "Directory Security" tab, select the "Server Certificate..." button.

*How to apply it to a virtual directory
Open IIS, right-click on the virtual directory, select the "Directory Security" tab. Under "Secure communications", select "Edit..." then check "Require secure channel (SSL)".

No comments: