Tuesday, May 3, 2011

SSL Installation Guidelines: Install VeriSign SSL on Microsoft IIS 6.0

VeriSign SSL provides SSL solutions that allow companies & consumers to engage in transactions & commerce online with trust and confidence. This document provides instructions for installing Cheap SSL Certificates into Microsoft IIS 6.0.

VeriSign is the leading Secure Sockets Layer (SSL) Certificate Authority enabling secure e-commerce, communications, and interactions for Web sites, intranets, and extranets. VeriSign® digital certificates protect over 900,000 Web servers worldwide, so consumers can shop safely. Choose VeriSign® SSL Certificates and display the VeriSign Secured® Seal, the most trusted mark on the Internet.

Follow the guidelines to install VeriSign SSL Certificate on Microsoft IIS 6.0. In case of any failure in installation, it is recommended to contact Microsoft.

Download the certificate

Method 1:
You will receive the SSL Certificate via email from VeriSign. Copy and paste the contents of the certificate into a plain text editor such as Notepad.


The text file should be in the following format :

-----BEGIN CERTIFICATE-----

[Encoded data]

-----END CERTIFICATE-----
There should be 5 dashes on the either side of the BEGIN CERTIFICATE and END CERTIFICATE with no other white space, line breaks or any other character being added unintentionally.


Method 2:
Download the certificate from VeriSign Trust Center: SO8061

Reminder:
If you download the certificate from VeriSign Trust Center account or install it from the email received, then save it with .txt or p7b extension.

If you install the certificate, downloaded from VeriSign Trust Center account in x.509 format, then save it with the extension .txt or .cer.


Step 1: Installing SSL Certificate into IIS 6.0
  • Open the Internet Services Manager (IIS)
  • Click Start
  • Select All Programs > Administrative Tools
  • Choose Internet Information Services (IIS) Manager
  • Under Web Sites, right-click your web site and select Properties > Directory Security tab.
  • Under Secure Communications, click Server Certificate
  • The Web Site Certificate Wizard will open, click Next.
  • Choose Process the Pending Request and Install the Certificate, then click Next.
  • The pending request must match the response file. If you deleted the pending request in error you must generate a new CSR and replace this certificate.
  • Select the location of the certificate response file, and then click Next.
  • Verify the summary screen and then click Next.
  • After the confirmation screen, click Next.
  • Be sure to assign your site an SSL port (443 by default).

Step 2: Locate and Disable the VeriSign Class 3 Public Primary Certification Authority - G5 Root CA certificate
  • Create a Certificate Snap-In in Microsoft Management Console (MMC).
  • With the MMC and the Certificates snap-in open, expand the Trusted Root Certification Authorities folder on the left and select the Certificates sub-folder.
  • Locate the following certificate: Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Expiration Date: 7/16/2036 Serial Number: 18 da d1 9e 26 7d e8 bb 4a 21 58 cd cc 6b 3b 4a
  • If this certificate is present, it must be disabled.
  • Right click the certificate
  • Select Properties
  • In the Certificate purposes section, select Disable all purposes for this certificate
  • Click the OK button
  • Close the MMC - there is no need to save console settings

Step 3: Verify certificate installation

Stop and start your Web server prior to any testing. In some cases the changes may not take place after restarting IIS Services and a re-boot is needed.

Choose VeriSign SSL Certificates for maximum reliability for your websites. Increase your online sales with the most supported and widely trusted Cheap SSL Certificate Provider – VeriSign.

No comments:

Post a Comment