Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Audience: General
Last Modified: 2009-02-24 11:09:02.0

TN 7739 - Installing the Entrust Certificate on IIS 7.0 (Windows Server 2008)

Certificate Signing Request (CSR) Generation
 
1 - Open IIS 7.0 by clicking Start/Administrative Tools/Internet Information Services (IIS) Manager.
2 - Select the correct server name on the left hand Connections menu.
3 - Select the Server Certificates icon located in the Security section of the menu.
4 - Select Create Certificate Request from the right hand Actions menu to open up the Request Certificate wizard.
5 - Enter the Distinguished Name information in the Distinguished Name Properties window in the wizard:
 
Common name: Enter the domain that is to be secured on the certificate. This is usually a fully qualified domain name (e.g. mydomain.com).
 
Organization: Enter the legal business name of the organization.
 
Organizational Unit: Enter the your department name (e.g. IT).
 
City/Locality: The city in which your company is currently located.
 
State/Province: The state in which your company is currently located.
 
Country/Region: Select your country/Region.
 
6 - Click Next.
 
7 - In the following window, make sure Microsoft RSA SChannel Cryptographic Provider is selected as the Cryptographic service Provider. Make sure that the Bit Length is 2048.
 
8 - In the following window, specify the location and file name for your CSR. Take note of where the CSR is being stored, as you will need to access this when you request a certificate.
 
 
Installing your SSL Certificate
 
1 - Pickup your Entrust Certificate through the secure pickup link that is sent to you. Copy and paste the certificate that is displayed into a text file. Save the text file using a .cer file extension.
2 - Open IIS 7.0 by clicking Start/Administrative Tools/Internet Information Services (IIS) Manager
3 - Select the correct server name on the left hand Connections menu
4 - Select the Server Certificates icon located in the Security section of the menu.
5 - Select Complete Certificate Request from the right hand Actions menu to open up the Certificate wizard.
6 - Point the Certificate Wizard to the appropriate .cer file containing the certificate. Enter a friendly name for this certificate. The friendly name will not appear on the certificate. It is simply used by the administrator for tracking purposes.
7 - Click OK. Your certificate should be installed.
 
Once the certificate is installed, you must bind the certificate to your website.
 
8 - In IIS, Select your website under sites on the left hand menu.
9 - Select Bindings in the right hand Actions menu.
10 - Select the Add button in the Add Site Binding window
11 - Once the ''Add Site Binding'' window has been opened, set the Type to https, IP address to All Unassigned, Port to 443 and specify the correct SSL certificate. Click OK. Your Certificate has been installed.
 
Backing up your Certificate
1 - Click Start > Run
2 - Enter ''MMC'' and click OK
3 - Go to File > Add/Remove Snap-in
4 - Click Certificates and select Add
5 - Select Computer Account and click Next
6 - Select Local Computer and click Finish. Click OK to close the window.
7 - Double click Certificates (local computer) > Double Click Personal Folder > Double Click Certificates
8 - Right Click on the Certificate you need to backup and select All Tasks > Export to open up the wizard. Complete the wizard to create a .pfx file. This .pfx file is the backup file for certificate
9 - Select ''Yes, export the private key''
10 - Select ''Include all certificates in the certificate path if possible''
11 - Enter a password to protect the .pfx file
12 - Select the location where you wish to save the file
 
Importing your Certificate
1 - Click Start > Run
2 - Enter ''MMC'' and click OK
3 - Go to File > Add/Remove Snap-in
4 - Click Certificates and select Add
5 - Select Computer Account and click Next
6 - Select Local Computer and click Finish. Click OK to close the window.
7 - Double click Certificates (local computer)
8 - Right click on the Personal Certificates Store
9 - Select All Tasks > Import
10 - Complete the Wizard to import the certificate through the .pfx file. Point the wizard to the location of the file.
11 - Enter the correct password for the file
12 - Select to automatically place the certificate in the certificate stores based on the type of certificate.
13 - Click Finish to close the wizard and close the MMC console to complete import

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 1 Year Mutual SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 1 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year Mutual SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 3 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 3 Year Advantage SSL Version Not Applicable Language Not Applicable Windows
  • Entrust Certificate Services 3 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 4 Year Advantage SSL Certifcate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Accelerator Licenses Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Additional Administrator Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Additional Client Organization and Domain Names Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Additional Domain Names Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Additional Organization Names Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Advantage Certificates Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Affiliate Operations Module for SSL Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Affiliate Partner Program Fee Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Affiliate Partner Royalty Fees Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 1 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 2 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin UCC SSL - 1 Year Version Not Applicable English Windows
  • Entrust Certificate Services Cert Admin UCC SSL - 2 Year Version Not Applicable English Windows
  • Entrust Certificate Services Certificate Administrator 3 Year SSL Certificates Version Not Applicable Language Not Applicable Windows
  • Entrust Certificate Services Certificate Administrator EV SSL - 1 Year Version Not Applicable Language Not Applicable Windows
  • Entrust Certificate Services Certificate Administrator EV SSL - 2 Year Version Not Applicable Language Not Applicable Windows
  • Entrust Certificate Services Certificate Manager 7.0 English Windows
  • Entrust Certificate Services Cross Certificate Fee - CASP Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cross Certificate Fee - Enterprise Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Enhanced Service Account Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services EV Certificate - 1yr Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services EV Certificate - 2yr Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services EV SSL - 1 Year Version Not Applicable English Windows
  • Entrust Certificate Services EV SSL - 2 Year Version Not Applicable English Windows
  • Entrust Certificate Services Extended Validation Certificate Units Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Extended Validation Certificates Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Partner Program Reseller Fees Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services SSL Mgmt Service Account 1 YR Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services SSL Mgmt Service Account 2 YR Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services SSL Mgmt Service Account 3 YR Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services SSL Mgmt Service Account 4 YR Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services SSL Mgmt Service Account - Non-Pooling Version Not Applicable ALL Platform Not Applicable
  • Entrust Certificate Services Standard Certificate - 1 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Standard Certificate - 2 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Standard Certificate - 3 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Standard Certificate - 4 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Standard Certificate Units Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Standard Certificates Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services UC Certificate - 1 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services UC Certificate - 2 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services UC Certificate - 3 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services UC Certificate - 4 Year Version Not Applicable English Windows
  • Entrust Certificate Services UC Certificate - 4 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services UC Certificates Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services UCC Certificate - 1 and 2 year Version Not Applicable English Windows
  • Entrust Certificate Services UCC SSL - 1 year Version Not Applicable English Windows
  • Entrust Certificate Services UCC SSL - 2 year Version Not Applicable English Windows
  • Entrust Certificate Services UCC SSL - 3 year Version Not Applicable English Windows
  • Entrust Certificate Services Web Hoster Service Account Version Not Applicable English Platform Not Applicable
  • Entrust Certificate Services Wildcard Certificate Units Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Wildcard Certificates Version Not Applicable Language Not Applicable Platform Not Applicable