This step-by-step article describes how to set up Secure Sockets Layer (SSL) in a Windows 2000 Internet Information Services (IIS) 5.0 development lab environment. Microsoft Certificate Server 2.0 can create many different certificates.
Create a Certificate Request
To create a Web server certificate, follow these steps:
Open the Internet Service Manager Microsoft Management Console (MMC). To do this, click Start, point to Programs, point to Administrative Tools, and then click Internet Service Manager.
Double-click the server name so that you see all the Web sites.
Right-click the Web site where you want to install the certificate, and then click Properties.
Click the Directory Security tab.
You see three security methods. The one you will use to create a certificate request is Secure Communications.
Click Server Certificate. The Certificate Wizard starts. Click Next to continue.
Select Create a new certificate, and then click Next.
Select Prepare the request now, but send it later, and then click Next.
Type a name for your certificate, and then select a bit length. Unless it is needed for your lab, do not select the SGC Certificate check box. (For more information about SGC certificates, see the note at the end of this section.) Click Next to continue.
Type your organization name and the organizational unit (for example, company name and development department). Click Next.
For Common Name, type either the fully qualified domain name (FQDN) or the server name. If you are creating a certificate that will be used over the Internet, it is better to use an FQDN. Click Next.
Type your location information, and then click Next.
Type the path and file name where you want to save the certificate information, and then click Next.
NOTE: If you type anything other than the default location and file name, make sure to note the name and location you select, because you must access this file in later steps.
Verify the information that you have typed, and then click Next to complete the process and create the certificate request.
In the Completing the Web Server Certificate Wizard dialog box, click Finish.
Click OK to close the Web site properties.
Submit a Certificate Request
To submit a certificate request, follow these steps:
Open a browser, and then open http://YourWebServerName/certsrv/.
Select Request a Certificate, and then click Next.
Select Advanced Request, and then click Next.
Select the center option, Submit a Certificate Request using a Base64, and then click Next.
In Notepad, open the request document that you created in the first procedure section, "Create a Certificate Request".
Copy the contents of the document.
The contents look similar to the following:
-----BEGIN NEW CERTIFICATE REQUEST-----