This document describes how to install an SSL certificate on an IIS server.
- This document uses the certificate name
cloud.tencent.comas an example. For your purposes, please use the name used in your certificate.
- This document takes Windows Server 2012 R2 as an example. The detailed steps may vary slightly depending on the operating system.
- Before you install an SSL certificate, enable port 443 on the IIS server so that HTTPS can be enabled after the certificate is installed. For more information, see How do I enable port 443 for a server?.
- To upload a SSL certificate to CVMs, see Copying Local Files to CVMs.
cloud.tencent.comfrom the SSL Certificate Service Console and decompress it to a local directory.
cloud.tencent.com.pfx: certificate file
keystorePass.txt: password file (If a private key password is set, there is no
The CSR file is uploaded by you or generated online by the system when you apply for the certificate and is provided to the CA. It is not relevant to installation.
- If you set a private key password when applying for the certificate, enter the private key password; otherwise, enter the password in the
keystorePass.txtfile in the
- If you forgot the private key password, please submit a ticket to ask Tencent Cloud engineers to delete the certificate. You need to re-apply for the domain name certificate.
5. Select the name of a site under Sites and click Site Bindings in the Actions column on the right, as shown in the following figure.
6. In the Site Bindings pop-up window, click Add, as shown in the following figure.
7. In the Add Site Binding window, set the site type to https, the port to 443, and the host name to the domain name corresponding to the certificate, specify the corresponding SSL certificate, and click OK, as shown in the following figure.
8. Once you made the addition, the new content will be available to view in the Site Bindings window, as shown in the following figure.
- For normal redirect, edit the rule according to the following steps. If you have other needs, you can configure as needed.
- During the redirect from HTTP to HTTPS, if your website element contains external links or uses HTTP protocol, it will cause the entire web page to not be completely based on HTTPS protocol. In this case, some browsers may issue security warnings such as "this link is insecure". You can view the reason for the error by clicking Details on message page.
Download and install the URL Rewrite module before proceeding to the following steps.
3. On the URL Rewrite page, click Add Rule(s) in the Actions column on the right, as shown in the following figure.
4. In the Add Rule(s) pop-up window, select Blank rule and click OK, as shown in the following figure.
5. Go to the Edit Inbound Rules page, as shown in the following figure.
(.*)in the Pattern text box.
If you experience any issues with the steps outlined above, please contact us.