IIS: Created self signed certificates using makecert.exe for local IIS
You
have learned how to run the local IIS on https with self signed
certificate with my previous blog
http://iistipsandtricks.blogspot.in/2015/08/make-your-site-work-with-https-on-local.html.
Now you want to get rid of the error you get when you first time get when you run your site with a untrusted self signed certificate. Also if you are working with SAS platform then you need to send authentication token which require trusted certificate.
These are steps below to make it work.
1. Open the Developer command prompt for visual Studio.
2. Run the below 2 commands on that window command prompt.
4. After the above step this will create 4 files with name localhost.cer, localhost.pfx, localhost.pvk and localhost.spc. at path c:\windows\SysWow64(64bit machine) or c:\window\system32(32bit machine)
5. Copy these files to a folder outside that folder so that you can have that handy.
6. Now open the IIS Manager and select the rootnode on the left side panel.
7. Double double click the Server Certificate and then click Import on the Right hand side panel.
8. After clicking the Import it will open the dialogue for importing the certificate which you have created on step 1-5. Select the .pfx file from the folder you have kept the generated files.
9. Now your certificate will be available on the certificate list.
10. Now go and select the Default Web Site node from the left side panel on IIS and click on the Bindings on the right hand side Action Panel.
12. On that dialog select the https binding and click Edit button.
13. now on the edit binding dialog select your imported certificate on the SSL certificate drop down and click OK to save.
14. Now run your site with https url.
15. when the site run it gives you the error related to certificate " there is problem with this website's security certificate". click on "Continue to the this website (not recommended)" .
16. When clicked the link to Continue to this website, you need to click on Certificate error in the address bar, which would inform you that the website was using an Untrusted certificate.
17. If you click View certificates, the Certificate dialog box informed you that the CA Root certificate was not trusted.
18. In that dialog you need to click install certificate, which open Certificate Import Wizard ask you where to install the certificate. where on the first step it will ask you choose store location. select local machine and Click Next button.
19. On the next screen Click Place all certificates in the following store, and then click Browse.
20. When the Select Certificate Store dialog box is displayed, click Trusted Root Certification Authorities, and then click OK.
21. On the Certificate Import Wizard, click Next.
22. Completing the Certificate Import Wizard page is displayed in the wizard, click Finish.
23. Click OK when the Certificate Import Wizard informs you that the import was successful.
24. Now run your site and it will not give you the security certificate error.
Enjoy you https site running with trusted self signed certificate.
Note: all the sites i have run in the Internet explorer 11.
Now you want to get rid of the error you get when you first time get when you run your site with a untrusted self signed certificate. Also if you are working with SAS platform then you need to send authentication token which require trusted certificate.
These are steps below to make it work.
1. Open the Developer command prompt for visual Studio.
2. Run the below 2 commands on that window command prompt.
makecert -r
-n "CN=localhost" -b 01/01/2000 -e 01/01/2099 -eku 1.3.6.1.5.5.7.3.1
-sv localhost.pvk localhost.cer
cert2spc
localhost.cer localhost.spc
pvk2pfx
-pvk localhost.pvk -spc localhost.spc -pfx localhost.pfx
You can do selecting all the 2 commands and paste to the command window and hit enter.
3. This above command will ask you 3-4 times for the password give a password on the all the dialog same.You can do selecting all the 2 commands and paste to the command window and hit enter.
4. After the above step this will create 4 files with name localhost.cer, localhost.pfx, localhost.pvk and localhost.spc. at path c:\windows\SysWow64(64bit machine) or c:\window\system32(32bit machine)
5. Copy these files to a folder outside that folder so that you can have that handy.
6. Now open the IIS Manager and select the rootnode on the left side panel.
7. Double double click the Server Certificate and then click Import on the Right hand side panel.
8. After clicking the Import it will open the dialogue for importing the certificate which you have created on step 1-5. Select the .pfx file from the folder you have kept the generated files.
9. Now your certificate will be available on the certificate list.
10. Now go and select the Default Web Site node from the left side panel on IIS and click on the Bindings on the right hand side Action Panel.
12. On that dialog select the https binding and click Edit button.
13. now on the edit binding dialog select your imported certificate on the SSL certificate drop down and click OK to save.
14. Now run your site with https url.
15. when the site run it gives you the error related to certificate " there is problem with this website's security certificate". click on "Continue to the this website (not recommended)" .
16. When clicked the link to Continue to this website, you need to click on Certificate error in the address bar, which would inform you that the website was using an Untrusted certificate.
17. If you click View certificates, the Certificate dialog box informed you that the CA Root certificate was not trusted.
18. In that dialog you need to click install certificate, which open Certificate Import Wizard ask you where to install the certificate. where on the first step it will ask you choose store location. select local machine and Click Next button.
19. On the next screen Click Place all certificates in the following store, and then click Browse.
20. When the Select Certificate Store dialog box is displayed, click Trusted Root Certification Authorities, and then click OK.
21. On the Certificate Import Wizard, click Next.
22. Completing the Certificate Import Wizard page is displayed in the wizard, click Finish.
23. Click OK when the Certificate Import Wizard informs you that the import was successful.
24. Now run your site and it will not give you the security certificate error.
Enjoy you https site running with trusted self signed certificate.
Note: all the sites i have run in the Internet explorer 11.
Comments
Post a Comment