How to Install a TLS/SSL Certificate In Microsoft IIS 10

The following instructions will guide you through the SSL Certificate installation process on Microsoft IIS 10. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure.

What You'll Need

  1. Your server certificate file
    This is the TrustCor certificate you received for your domain.
  2. Your intermediate certificate(s)
    These files allow the devices connecting to your server to identify TrustCor as the issuing CA. There may be more than one of these certificates. If you downloaded the pem-chain file, it will also contain the Intermediate certificate(s) bundled with your domain's certificate.
  3. Your private key
    This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it.

Installation Instructions

  1. Access Server in IIS
    Launch Internet Information Services (IIS) Manager and click the server name in the Connections menu on the left.
  2. Open Server Certificates Manager
    On the Home page for the server, locate the IIS section (in the center pane), and double-click Server Certificates. The Server Certificates control panel will open in the center window.
  3. Open Complete Certificate Request Wizard
    On the Actions menu on the right, click the Complete Certificate Request... link. The Complete Certificate Request wizard will open in a new window.
  4. Specify Certificate Authority Response
    In the Complete Certificate Request wizard, on the Specify Certificate Authority Response page, do the following and then click OK.
    1. Click the ... button to browse to your TrustCor certificate file on your PC and add it to IIS.
    2. Friendly name: Type a friendly name for the certificate. The Friendly Name should be something that helps you easily identify the certificate. We recommend that you add TrustCor and the expiration date to the end of your friendly name, for example: yoursite-trustcor-(expiration date).
    3. Finally, select Web Hosting as the certificate store and click OK to import your certificate.
      Now that you’ve successfully installed your SSL certificate, you need to assign the certificate to the appropriate site.
  5. Set Certificate Bindings
    1. Return to the server home page in the Internet Information Services (IIS) Manager. In the Connections menu (left-side), expand Sites and then click on the site that needs the SSL installed.
    2. On the website Home page, in the Actions menu (right pane), locate Edit Site and click the Bindings... link. The Site Bindings window will open.
    3. If you are installing an SSL certificate for the first time, click Add to create a new binding. If you are replacing an old certificate, click the existing binding and then click Edit.
    4. In the Add Site Bindings window, do the following and then click OK:
      Type: In the drop-down list, select https.
      IP Address: In the drop-down list, select your site's IP Address or select All Unassigned.
      Port: Type port 443. The port over which traffic is secure by SSL is port 443.
      Host Name: Not required for single name certificate installation.
      * If you are installing more than one certificate, or installing the certificate on more than one website, enter the host name (domain) that you want to secure and check the box to Require Server Name Indication.
      SSL Certificate: In the drop-down list, select your new SSL certificate.
      When all settings are configured, click OK.

Your certificate should now be installed. You can navigate to your site in a web browser to check for the padlock, or use an online SSL Checker tool to verify the installation.