The purpose of the SSL Certificate is to secure or encrypt communication between the client and the website. In this article, client represents your browser such as Internet Explorer, Google Chrome, or Firefox, etc. Website is any website that you are accessing from server on which SSL Certificate is installed. In this blog, we will get and install a certificate from the Let’s Encrypt certificate authority that provides free SSL certificates.
Following are the prerequisites for installing SSL Certification:
1. IIS Web Server – IIS Web Server should be running and serving websites and web APIs.
2. Add a Web Site or a Web API – Add and configure web API or website with HTTP and HTTPS. Before installing SSL Certificate, a website or web API can be accessed using HTTPS but it will exchange data in plain text and the browser will indicate it by a cross on the padlock at the start of the address bar. To apply certificate we have added “mysite” with the following ports and protocols:
HTTP 8014 & HTTPS 414
3. Open Port on Windows Firewall – Open the ports 8014, 414, and 80 on Windows Firewall.
4. Port Forwarding on DSL Router/Azure Portal – Open the ports 8014, 414, and 80 on Azure Portal for the VM on which IIS Web Server is running. If using your server then open the above ports on the DSL router and forward these ports by the IP of the local server.
Note: Port 80 must be opened because the SSL Certificate application communicates and validates the certificate through this port.
5. Public IP – Find and note the public IP of your ISP. For example, 220.127.116.11
6. DNS A Record on your Domain – Create a DNS A Record on the domain that will be used as hostname for the website/web API. For example
7. Update Website Binding with DNS A Record – Now edit binding of the website/web API and add HTTPS protocol with port 414, add mysite.yourdomain.com in the hostname, and IIS Express Development Certificate under SSL Certificate
Visit the win-acme site and download the client application on IIS Web Server.
Download and unzip the “win-acme.v18.104.22.1686.x64.pluggable.zip” and then rename the unzipped folder to win-acme.v2.1.14
Copy it in Program Files and open this folder.
Run the “wacs.exe” as Administrator and type N on the console of the application. Then type identifier the website. (In this case, 11)
Now type A and for confirmation type Y. After a few seconds application will complete the certificate creation and will produce the following results. Congrats, certificate created and bounded to mysite.
TESTING YOUR SITE
After binding the SSL to your website, you should test that SSL is working properly. Browse the website in a new tab. You will find the padlock icon in the address bar. On clicking the lock icon you will find the following information about the certificate.
For more detail on testing your site with SSL, see the Microsoft instructions on how to set up SSL on IIS.
In this article, we have learned how to install and bind SSL Certificate to the website. This is critically important as the information you send on the internet is passed from multiple sources before it reaches destination server.
For any questions, please comment below. I will be pleased to help more.