Thursday, June 11, 2009

Using HTTPS in the Microsoft World

Using https on the server is fairly easy for internal testing in the Microsoft world. Since this is a self-signed certificate the users will get a warning that the certificate is untrusted. Using a self-signed certificate is not appropriate for sites used by the general public, but is good enough for internal sites and testing.

Here's some tips on how to do it:

*How to create a self-signed certificate. Change "mydomain.com" below, but everything else is OK.
makecert -r -pe -n "CN=mydomain.com" -b 01/01/2000 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12


*How to install the newly created certificate
Open "Internet Information Services", right click on "Default Web Site", select the "Directory Security" tab, select the "Server Certificate..." button.

*How to apply it to a virtual directory
Open IIS, right-click on the virtual directory, select the "Directory Security" tab. Under "Secure communications", select "Edit..." then check "Require secure channel (SSL)".
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)