SSL Binding and Certificate

For additional information, see How to Set Up SSL on IIS 7.
Note: Before beginning, obtain a certificate from a certificate authority.
  1. After obtaining a certificate, open IIS Manager, select the server node in the treeview and double-click the Server Certificates feature in the listview.
  2. In the Actions pane, click Create Self-Signed Certificate. Provide a Friendly Name for the new certificate and click OK.
    Note: A self-signed certificate now appears and is marked for Server Authentication use.
  3. After importing your certificate, verify NETWORK SERVICE has Read permissions to the private key (if using account other than NETWORK SERVICE make sure that account has access to the private key as well) through Microsoft Management Center. Select the Personal/Certificates folder and right-click on the certificate; select All Tasks and Manage Private Keys. Validate that NETWORK SERVICES or the other group or user name has Read permission.
  4. Create an SSL binding. Within INET Manager, open IIS Manager. Select the website that is hosting the application. In the Actions pane, click Bindings to display the bindings editor to create, edit, and delete bindings for your Web site.
  5. Create an HTTPS binding and assign the SSL certificate you want to use for this site. Click OK.
    Note: This certificate will be referenced as the certificate thumbprint. Access the certificate's Properties, then Details tab; find the thumbprint and remove any spaces and special characters.
  6. Verify the SSL binding. Browse to the server to verify that SSL is bound correctly .
If using a self-signed certificate: Internet Explorer (IE) will display an error page because the self-signed certificate was issued by your computer, not by a trusted Certificate Authority (CA). IE will trust the certificate if you add it to the list of Trusted Root Certification Authorities in the certificates store it on the local computer, or in Group Policy for the domain. Firefox and Chrome react differently, but may also prompt you to continue. Click Continue to this website (not recommended).