8.6.5.4            Installing the Certificate and Setting Up an SSL Web Site

There are several ways to install and set up an SSL certificate: for example, you can double-click the certificate and use the Certificate Installation Wizard to preinstall the certificate, then bind it to the site. This article demonstrates how to install the certificate by using the Internet Service Manager MMC through the Web Server Certificate Wizard.

To install a certificate in Certificate Server, follow these steps:

1.       Open the Internet Services Manager and expand the server name so that you can view the Web sites.

2.       Right-click the Web site that you created the certificate request for, and click Properties.

3.       Click the Directory Security tab. Under Secure Communications, click Server Certificate.

This opens the Certificate Installation Wizard. Click Next to continue.

4.       Select Process the pending request and install the certificate and click Next.

5.       Type the location of the certificate that you downloaded earlier in section three, "Issuing and Downloading a Certificate", then click Next.

The Wizard displays the Certificate Summary. Verify that the information is correct, and then click Next to continue.

6.       Click Finish to complete the process.

To configure and test the certificate, following these steps:

1.       On the Directory Security tab, under Secure Communications, note that there are now three available options. To set the Web site to require secure connections, click Edit. The Secure Communications dialog box appears.

2.       Select Require Secure Channel (SSL), and then click OK.

3.       Click Apply and then OK to close the property sheet.

4.       Browse to the site and verify that it works:

a.       Access the site through http by typing http://localhost/Postinfo.html in the browser. You receive an error message that resembles the following:

HTTP 403.4 - Forbidden: SSL required.

b.       Try to browse to the same Web page using a secured connection (https) by typing https://localhost/postinfo.html in the browser.

c.       You may receive a security alert that states that the certificate is not from a trusted root CA. Click Yes to continue to the Web page.

The page should appear.

NOTE:
To learn how to add your root CA to the Trusted Root CA list in your browser, see Appendix B.

If you can view the page, you have successfully installed your certificate.

NOTE:
The Postinfo.html page is a standard HTML page that is found in the root of the default Web site.