Self Signing Certificate for IIS

Create a self signing certificate for IIS

VS2005 provides tools to do this which is called makecert and pvk2pfx. First all you need to do is run the following batch file and specify a name for it.

For example

yourBatchFile.bat testCert

The content of batch file is as follows

makecert -r -pe -n "CN=testCert" -sky exchange -sv %1.pvk %1.cer
pvk2pfx -pvk %1.pvk -spc %1.cer -pfx %1.pfx

Once you have this installed, please goto

Start->Run->MMC->File->Add SnapIn->Add->Certificates

A wizard will appear asking you the scope of your certificates. Choose Computer account and Finish.

Select Local Computer and again click Finish. Click Close and then OK.

This will bring you to a Certificates Console.

Expand Personal -> Certificates, right click and select Import

The wizard will prompt you for the certificate that you have generate earlier. Provide the test.pfx. When ask for password click Next, Next and Finish.

You need to repeat the same process for Trusted Root Certification Authorities. Expand Certificates and look for Trusted Root Certification Authorities. Under All Task -> Import.

You need to choose testCert.pfx as well.

Configuring IIS

Go to IIS -> Default Web Site -> Properties ->Directory Security -> Server Certicate -> Assign Existing Certificate -> Select testCert -> Click Next and Finsih

The batch file generates an identity for you under the keyword "CN=testCert".
This means that if user where to type in something like this certificate will be able to validate that it is a legitimate site.

At this point you can use SSL Diagnostic tool for your test to see if you have install your Certificate correctly.

Please proceed to change your hosts file. It can be found under Windows\System32\Drivers\etc\hosts.

Add an entry like the following. testCert

Save it and then you can test out your SSL enabled by firing up your browser and type in the following.

yourTestSample is a valid virtual directory in IIS.

That's it and you can use the following setup for CardSpace.


Popular posts from this blog

A quick tutorial for OWASP ZAP tool for beginners

ionic2 cordova build android - Unable resolve gradle 2.2.3