IIS6.0 上安裝 SSL 證書

時間 2019-11-13

標籤 iis6.0 iis 安裝 ssl 證書欄目 SSL 简体版

原文原文鏈接

安裝過兩次SSL證書，如今來總結一下，之後可能會用到。node

有不少提供SSL證書的公司，咱們這裏就用https://www.sslforfree.com/ 提供的證書進行說明。安裝SSL證書的步驟以下：web

1. 驗證域名，獲取證書。服務器

2. 對獲取的證書進行加工，生成pfx格式的證書（這裏個人web服務器是IIS6.0）dom

3. 在web服務器上保存生成的pfx證書。網站

4.在IIS6.0中加載pfx證書。到此一切工做結束，就能夠用https訪問web頁面了。this

下面開始進行操做細節描述：（由於網站是英文的，因此接下來我就用英文描述了）server

1. 驗證域名，獲取證書。ip

step1: visit the web site of sslforfree and enter yourdomain.com and click the button of which name is "create free ssl certificate"ssl

step2: verify the domain. we choose the manual verification. Click the manually verify domain button, then download the two files rem

to your local cmputer.

step3: like bellow

　　1. Create a virtual folder in your domain named ".well-known" if it does not already exist. If you use Windows you may have to add a dot at the end of the folder name in order to create a folder with a dot at the beginning.

　　2. Create another folder in your domain under ".well-known" named "acme-challenge" if it does not already exist

　　3. Upload the downloaded two files to the "acme-challenge" folder

step4: add a mime type to your IIS6.0 web server, That mime is (.=>text/plain).

step5: Verify successful upload by visiting The-Links in your browser. The-Links is in step2's web page. If you can see a string of random alphanumeric characters. It shows you have successed.

step6: click the button of download ssl certificate to download the files.

2. 加工證書，生成pfx格式的證書

step1: install openssl on your local computer(notice: it is on local computer, not web server's computer).

step2: run cmd and navigate to the folder of which has the downloaded certificate files in above's step6. then running bellow's cmd:

openssl pkcs12 –export xxx.pfx –inkey private.key –in certificate.crt ca_bundle.crt

it will tip you input a password, remember it. The password will be used in later steps. It will generate a pfx file. It is the target file you want.

3. 在服務器上保存、配置證書。

step1: run cmd and input "mmc" to open mmc program. then do the following's operration:

click file menu and choose "add/remove snap in" item, then it will open a dialogue, click the add button and choose certificates,then click ok button.

step2: in mmc UI, you will see a node named "certificate" in left panel, click the node, then right click personal sub-node and choose tasks->import, ti import your pfx file.(notice: choose computer configuration during the steps.)

If you not clear how to do this steps, you can search "如何在mmc中導入證書", there are many pages about this.

4.在IIS6.0中加載pfx證書

step1: right click on local web site and choose "directory security" tab, then click "server certificate" button, choose your pfx file and input password which generated in above.

You can search "how to load certifiate to IIS6.0" to get many pages about it.

Here, you have successfully complete the task of installing SSL to your web server.