Announcement

Collapse
No announcement yet.

Secure traffic on IIS

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Secure traffic on IIS

    How to create a secure website using SSL on an intranet? Which certificate type is needed to create a secure website. I do have a basic certificate but don't know which options to choose/click in IIS so that users data will be encrypted on the intranet. Please help.
    Thanks

  • #2
    Re: Secure traffic on IIS

    It's actually really really easy if you are running your own Certificate Authority on one of your servers, particularly an Enterprise CA. You can enroll for a certificate right within your IIS website properties and receive and install the certificate all in one transaction.

    So do you have your own CA server or are you obtaining a certificate from a company on the internet?

    Jas
    VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
    boche.net - VMware Virtualization Evangelist
    My advice has no warranties. Follow at your own risk.

    Comment


    • #3
      Re: Secure traffic on IIS

      Yes, we do have our own local CA server.

      Comment


      • #4
        Re: Secure traffic on IIS

        Is it a Windows CA?

        Enterprise CA or Stand Alone CA?

        This matters because the steps will be somewhat different depending..
        VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
        boche.net - VMware Virtualization Evangelist
        My advice has no warranties. Follow at your own risk.

        Comment


        • #5
          Re: Secure traffic on IIS

          Its a stand alone Certificate Authority server

          Comment


          • #6
            Re: Secure traffic on IIS

            Hi,

            Do you have the cetsrv website component installed so that you can manually submit certificate requests? The website URL would be http://server name/certsrv
            VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
            boche.net - VMware Virtualization Evangelist
            My advice has no warranties. Follow at your own risk.

            Comment


            • #7
              Re: Secure traffic on IIS

              Yes indeed

              Comment


              • #8
                Re: Secure traffic on IIS

                Can you please also explain how to configure a Certificate Authority Server to be able to get certificates locally using a web interface i.e. iExplorer etc. We have a CA server deployed by some other person in other department. Just for curiosity, I want to see how we can set it up.
                Thanks

                Comment


                • #9
                  Re: Secure traffic on IIS

                  Try the following within IE:

                  \\Cert Authority IP Address\certsrv

                  This should get you access to the web interface.

                  Hope this helps

                  Michael
                  Michael Armstrong
                  www.m80arm.co.uk
                  MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

                  ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                  Comment


                  • #10
                    Re: Secure traffic on IIS

                    Jason: I'm lost in the middle, how I can set up the website that users will have encrypted data when they are accessing the website. They should type https://
                    before the web address. Please go simple. I've installed the certificate on the webserver box. What next now?

                    Thanks

                    Comment


                    • #11
                      Re: Secure traffic on IIS

                      didn't you find this one??
                      http://www.petri.com/configure_ssl_o...e_with_iis.htm
                      Marcel
                      Technical Consultant
                      Netherlands
                      http://www.phetios.com
                      http://blog.nessus.nl

                      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                      "No matter how secure, there is always the human factor."

                      "Enjoy life today, tomorrow may never come."
                      "If you're going through hell, keep going. ~Winston Churchill"

                      Comment


                      • #12
                        Re: Secure traffic on IIS

                        If you have already installed the cert on the IIS website, then you are 98% of the way there my friend.

                        Just to be sure you've done it right though I will supply the screens so we're on the same page.

                        The certificate gets imported on the Directory Security tab.
                        The SSL port (443) is supplied on the Web Site tab.
                        Attached Files
                        VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
                        boche.net - VMware Virtualization Evangelist
                        My advice has no warranties. Follow at your own risk.

                        Comment


                        • #13
                          Re: Secure traffic on IIS

                          Don't we have to enable 128 SSL encryption manually by performing: Directory Security > Secure Communication > Edit > and enable Require Secure Channel (SSL)?

                          Comment


                          • #14
                            Re: Secure traffic on IIS

                            did you read the url I provided?
                            Marcel
                            Technical Consultant
                            Netherlands
                            http://www.phetios.com
                            http://blog.nessus.nl

                            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                            "No matter how secure, there is always the human factor."

                            "Enjoy life today, tomorrow may never come."
                            "If you're going through hell, keep going. ~Winston Churchill"

                            Comment


                            • #15
                              Re: Secure traffic on IIS

                              I read that article

                              Comment

                              Working...
                              X