Installing a Server Certificate in IIS 5.1 on Windows XP Professional

Server certificates enable server identification and secure Web communications.  The following procedure is used to install a Server Certificate.  For instructions on generating a certificate see Generating a Server Certificate using IIS 5.1 on Windows XP Professional.

  1. Open the Microsoft Management Console for IIS if it is not already open.
  2. Select the Web site were you wish to install a Server Certificate and right click to open its ‘Properties’.  In this example we have selected the ‘Default Web Site’.

  1. When the Web site ‘Properties’ tab pane opens select the ‘Directory Security’ tab and then click ‘Server Certificate’.

  1. The ‘Web Server Certificate Wizard’ will open.  Note that this wizard will notify you if there are pending certificate requests (e.g. the result of using this wizard to generate a certificate request in the past).  In this case there will be a pending request if you have followed Generating a Server Certificate using IIS 5.1 on Windows XP Professional. Click ‘Next >’.

  1. The ‘Pending Certificate Pane’ of the ‘IIS Certificate Wizard’ appears.  Keep the default selection ‘Process the pending request and install the certificate’ and click ‘Next >’.

  1. The ‘Process a Pending Request’ pane will ask for the filename and path of the certificate file you created from the your Certificate Authority’s response.  Select your server certificate file and click ‘Next >’.

  1. The ‘Certificate Summary’ pane will appear.  Review the summary information. It will match the information you provided in Generating a Server Certificate using IIS 5.1 on Windows XP Professional with the “Issued To” and “Issued By” fields filled in.  Click ‘Next >’.

  1. The final pane of the ‘IIS Certificate Wizard’ will appear.  Click ‘Finish’.

  1. Once the above procedure is complete the server certificate has been installed and the ‘Directory Security’ tab of the Web Site ‘Properties’ tab pane will now have the ‘View Certificate’ and ‘Edit…’ buttons activated.  Click ‘View Certificate’.

  1. The standard Windows Certificate Viewer will open.  If  the certificate chain and root certificate for the issuing Certificate Authority is not installed on your server the ‘General’ tab pane will appear with a warning icon in ‘Certificate Information’.  Click on the ‘Certification Path’ tab to verify.

  1. Notice that the ‘Certification status’ is “The issuer of this certificate could not be found.” and the certification path cannot be determined.

  1. Close the ‘Certificate’ viewer by clicking ‘OK’ and install the issuing Certificate Authority’s Root Certificate as a trusted root certificate if necessary.  

 

Top

Back to Web Page Access Control Using PKI
PKI Lab Home

Dartmouth College PKI Lab
Last update: 26 February 2003