Step 3: Creating self-signed client certificate The self-signed server certificate will appear in the list. Go to the Certificate Console on the IIS server, right click Personal → Certificate, choose All Tasks → Import.Ĭhange the file extension to *.pfx* when selecting certificate and choose ServerCert.pfx we just created. It will create three files: ServerCert.cer, ServerCert.pfx and ServerCert.pvk. Run CMD and execute c:\cert\CreateServerCertificate.cmd.Įnter password: Password1 in all password prompt dialogs. Save following content as c:\cert\CreateServerCertificate.cmd on the IIS server. Step 2: Creating self-signed server certificate The self-signed CA root will appear in the list.Ĭopy the CARoot.cer to the client machine and import it using the same steps. Keep default settings, click Next and then click Finish. Right click Trusted Root Certification Authorities → Certificate, choose All Tasks → Import.Ĭlick Next, choose the self-signed root CA: CARoot.cer and then click Next. Keep default settings, click Finish, then click OK. Press Ctrl M or click File → Add/Remove Snap-in, select Certificates, click Add >.Ĭhoose Computer account and then click Next. Run mmc on the IIS server to launch Console. It will create three files: CARoot.cer, CARoot.pfx and CARoot.pvk. Run CMD and execute c:\cert\CreateCARoot.cmd.Įnter password: Password1 in following three password prompt dialogs. Save following content as c:\cert\CreateCARoot.cmd. For your convenience, I've packaged the files and shared them at: Ĭreate directory: c:\cert on the IIS server.Ĭopy makecert.exe and pvk2pfx.exe to c:\cert. On a Windows 10 圆4 PC with VS2015 installed, you can get them from: C:\Program Files (x86)\Windows Kits\10\bin\圆4. You can find the two EXEs from a system with Visual Studio installed. Iis-lab-server Windows Server 2012 R2 Standard Therefore, I am going to write this blog to record every steps including: creating self-signed root CA, server certificate, client certificate and configuring IIS. It always took me hours to deploy a test website that requires client certificate. Some IE/IIS issues may involve client certificate.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |