Install SSL Certificate in IIS 7

In this article I am installing a certificate from onto a Windows 2008 IIS 7 server.

I’m currently using 123-reg as the certificates are cheap and the authorisation process is easy. You can buy your own certificate from 123-reg here.

  1. Generate CSR

Open IIS 7 and go to the “server certificates” section

Then go to the “Create Certificate Request”

Fill out the below as appropriate. For the “common name” field enter the internet address you wish to use, i.e.

Select the appropriate cryptographic level required by your issuing authority. For 123-reg choose 2048 bit encryption.


  1. Order Certificate (123-reg only)

The below explains how to order a certificate with Logon to your 123-reg account and go to “buy” in the Manage SSL section.

Choose the appropriate option below and enter the external website name.

Fill out the details and paste in your CSR created in step 1

Enter your email below. For the approval email I advise making sure you can pickup this email before entering the address. If the approval email is sent to an address you can’t access then you have a problem!

An email will be sent to the approval address which will contain a link that allows you to approve the request. You will need to approve this before the certificate is issued.

After you have approved the request you should get the certificate emailed to you.

On the email there are 2 certificates – the SSL certificate and an intermediate certificate.

Cut and paste these sections into 2 separate text files. One called ssl.txt and one called intermediate.txt.

  1. Install SSL Certificate

In IIS7 select complete certificate request as shown below. Select the ssl.txt file you created above.

Click ok and the certificate will be installed.

  1. Install Intermediate Certificate

Open an MMC and add the “certificates” snapin choosing the “local computer” option.

Select the option to import a certificate into the “certificates” folder under “intermediate certification authorities”

Browse the intermediates.txt folder you saved earlier.

  1. Backup SSL certificate (optional)

You may want to backup the certificate incase something bad happens to the server of if you want to use it elsewhere in the future.

Go to the personal folder then choose the export option as shown below.

Choose yes to export the private key. Then choose the options below.

Then save the exported file.


  1. Create SSL Binding (optional)

If the website is not configured to listen on port 443 (i.e. HTTPS) you will need to create a binding.

Right click on the website and choose “edit bindings”.

Enter the details as below. Make sure you select the certificate you have recently installed.


Click ok.




Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.