Using Microsoft Certificate Services - How to set up SSL by using IIS
For the developer machines running Windows XP and IIS 5.1 the choice for setting up HTTPS protocol is very limited.
Verisign has a trial certificate which is valid for 14 days and had to be renewed with diferent credentials after expiry.
More info is available at Free SSL Trial Certificate
Luckily for those who have Windows 2003 Server (Enterprise or Standard) Microsoft has its own CA services. Install the CA on your Development Windows 2003 Server depending on your configuration.
Follow the instruction given for setting up SSL on IIS 5.
Sometimes on XP you would get this error Certificate Authority. Keyset does not exist. Resolve as instructed.
Now when you access the URL. IE 7 would throw the Certificate Error Navigation Blocked. Please note Use your machine name and not localhost for https
Even if you add the certificate to the Trusted CA Root in IE the error would still be repeated as the certificate issued by Microsoft Certificate Services follows a concept call Certificate Chaining
In order to make IE 7 relax its policy you need to install the Certificate Chain from the Certificate Services Web Server.
Navigate to the Certificate Server and click on Install this CA Certificate Chain as shown in the figure.
Now navigate to your local url and the lock symbol should appear without the green background.
Happy Programming
Anton
Verisign has a trial certificate which is valid for 14 days and had to be renewed with diferent credentials after expiry.
More info is available at Free SSL Trial Certificate
Luckily for those who have Windows 2003 Server (Enterprise or Standard) Microsoft has its own CA services. Install the CA on your Development Windows 2003 Server depending on your configuration.
Follow the instruction given for setting up SSL on IIS 5.
Sometimes on XP you would get this error Certificate Authority. Keyset does not exist. Resolve as instructed.
Now when you access the URL. IE 7 would throw the Certificate Error Navigation Blocked. Please note Use your machine name and not localhost for https
Even if you add the certificate to the Trusted CA Root in IE the error would still be repeated as the certificate issued by Microsoft Certificate Services follows a concept call Certificate Chaining
In order to make IE 7 relax its policy you need to install the Certificate Chain from the Certificate Services Web Server.
Navigate to the Certificate Server and click on Install this CA Certificate Chain as shown in the figure.
Now navigate to your local url and the lock symbol should appear without the green background.
Happy Programming
Anton
Labels: SSL
posted by Anton at
10:17 PM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home