This step-by-step article describes how to set up Secure Sockets Layer (SSL) in a Windows 2000 Internet Information Services (IIS) 5.0 development lab environment. Microsoft Certificate Server 2.0 can create many different certificates.
Create a Certificate Request
To create a Web server certificate, follow these steps:
Open the Internet Service Manager Microsoft Management Console (MMC). To do this, click Start, point to Programs, point to Administrative Tools, and then click Internet Service Manager.
Double-click the server name so that you see all the Web sites.
Right-click the Web site where you want to install the certificate, and then click Properties.
Click the Directory Security tab.
You see three security methods. The one you will use to create a certificate request is Secure Communications.
Click Server Certificate. The Certificate Wizard starts. Click Next to continue.
Select Create a new certificate, and then click Next.
Select Prepare the request now, but send it later, and then click Next.
Type a name for your certificate, and then select a bit length. Unless it is needed for your lab, do not select the SGC Certificate check box. (For more information about SGC certificates, see the note at the end of this section.) Click Next to continue.
Type your organization name and the organizational unit (for example, company name and development department). Click Next.
For Common Name, type either the fully qualified domain name (FQDN) or the server name. If you are creating a certificate that will be used over the Internet, it is better to use an FQDN. Click Next.
Type your location information, and then click Next.
Type the path and file name where you want to save the certificate information, and then click Next.
NOTE: If you type anything other than the default location and file name, make sure to note the name and location you select, because you must access this file in later steps.
Verify the information that you have typed, and then click Next to complete the process and create the certificate request.
In the Completing the Web Server Certificate Wizard dialog box, click Finish.
Click OK to close the Web site properties.
Submit a Certificate Request
To submit a certificate request, follow these steps:
Open a browser, and then open https://YourWebServerName/certsrv/.
Select Request a Certificate, and then click Next.
Select Advanced Request, and then click Next.
Select the center option, Submit a Certificate Request using a Base64, and then click Next.
In Notepad, open the request document that you created in the first procedure section, “Create a Certificate Request”.
Copy the contents of the document.
The contents look similar to the following:
—–BEGIN NEW CERTIFICATE REQUEST—–
MIICcjCCAhwCAQAwYjETMBEGA1UEAxMKcm9ic3NlcnZlcjELMAkGA1UECxMCTVMx
CzAJBgNVBAoTAk1TMREwDwYDVQQHEwhCZWxsZXZ1ZTERMA8GA1UECBMIV2FzaGl0
b24xCzAJBgNVBAYTAlVTMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALYK4sYDNQ7h
LmSfL0qpIvUfY7Ddw7fNCvDp3rM7z4QqoLhA2c8TkyamqWTBsV0WRHIidf/J6mU4
wN4wrUzJTLUCAwEAAaCCAVMwGgYKKwYBBAGCNw0CAzEMFgo1LjAuMjE5NS4yMDUG
CisGAQQBgjcCAQ4xJzAlMA4GA1UdDwEB/wQEAwIE8DATBgNVHSUEDDAKBggrBgEF
BQcDATCB/QYKKwYBBAGCNw0CAjGB7jCB6wIBAR5aAE0AaQBjAHIAbwBzAG8AZgB0
ACAAUgBTAEEAIABTAEMAaABhAG4AbgBlAGwAIABDAHIAeQBwAHQAbwBnAHIAYQBw
AGgAaQBjACAAUAByAG8AdgBpAGQAZQByA4GJAGKa0jzBn8fkxScrWsdnU2eUJOMU
K5Ms87Q+fjP1/pWN3PJnH7x8MBc5isFCjww6YnIjD8c3OfYfjkmWc048ZuGoH7Zo
D6YNfv/SfAvQmr90eGmKOFFiTD+hl1hM08gu2oxFU7mCvfTQ/2IbXP7KYFGEqaJ6
wn0Z5yLOByPqblQZAAAAAAAAAAAwDQYJKoZIhvcNAQEFBQADQQCgRCWkaXlY2nVa
tbn6p5miP