Installing SSL certificate in IIS

To install the certificate, you need a .pfx certificate file and a password. To create the .pfx file, you need the .crt file (certificate) and .key file (key) associated with the certificate. You should have received these two files when purchasing a certificate.

The .pfx file can be generated with OpenSSL for Windows (can be installed for free):

• Open a command line in the bin directory of the Open-SSL installation and execute the following command:

• openssl pkcs12 -export -out <filename>.pfx -inkey <KeyFileName>.key -in <certificate file>.crt

• Now enter a password for the .pfx file and confirm it again.

Example:

openssl pkcs12 -export -out filename.com.pfx -inkey filename.com.key -in certificate.com.crt

• In the IIS Manager, click on the web server's start page (usually named using the server name).
• Click the Server Certificates icon in the IIS area.
• In the action area, click Import...
• Search for the .pfx certificate file with ... from the directory system.
• Specify the password of the .pfx certificate file.
• Under Select Certificate Memory, select Web Hosting from the drop-down list.
• Leave the Allow Export Of This Certificate checkbox selected and click OK to exit.

In order for the IIS web server (which runs all IQ4docs services) to be able to transmit encrypted data, a certificate must be entered in the binding of the Default Web Site listening on port 443.

• In the IIS Manager, click the Default Web Site and then click Bindings... in the Actions section.
• Select the site binding https with port 443 and click Edit.
• Select the certificate from the drop-down list under SSL Certificate (e.g. *.company.com).