Wednesday, June 23, 2010

Binding an SSL Certificate to a Web Site in IIS 7

I run my own Exchange 2007 server, which requires an SSL certificate to enable all functionality (like syncing to my iPhone). A few days ago, my SSL certificate expired so I renewed it and installed the new one. As soon as I did that, I could no longer sync my phone or use Outlook Web Access (OWA). In fact, I got a “Page Not Found” error when navigating to the server using “https”.

The solution to the problem turned out to be simple, but it took me a while to figure out. Mainly because I haven’t done a lot of configuration on IIS 7, as the place I’m currently consulting at uses older technologies like IIS 5 and IIS 6 (government work…it isn’t always bleeding-edge, by a long shot, but it can be stable…).

IIS 7 gives you the option to bind an SSL certificate to each website. My old certificate was bound to the Default Website, and when I deleted the certificate the binding was obviously removed. When I installed the new certificate, I forgot to rebind it. So here’s how you do it.

Start up IIS 7 and select the web site you want to bind an SSL certificate to (in this example, “Default Website”):

Next, click on “Bindings…” on the right-hand menu. This will bring up the site bindings menu. If you still have the old https binding listed here, click “Remove” before proceeding. Trying to edit the old binding can be problematic and doesn’t always work.

After that, click “Add…” to bring up the “Add Site Binding” dialog.

In the “SSL certificate” dropdown, choose the certificate you want to bind to this website. Click “OK” to close out of all dialogs, and then make sure to restart IIS. That’s it! :)

1 comment:

  1. Thanks for the walk through, starting an exchange server with SSL so people with iphone and smart phone can use it in the office seem to only work if you use SSL from what people are saying on the forums. Do you think openSSL would be ok at use or should i just buy a SSL