Enable HTTPS

Your agency may be using an IIS server which requires configuration for HTTPS (Hypertext Transfer Protocol over Secure Socket Layer). HTTPS is specifically for security-sensitive communication use over the web. It provides authentication and encrypted communication, which is particularly important for payment transactions or corporate logins. SSL certificates authenticate the secure communication. This section provides instructions on how to configure IIS for HTTPS and how to apply an authentic SSL Certificate for your production environment.

Configure IIS for HTTPS

This section provides the information to download the Internet Information Services (IIS) Resource Kit Tools from Microsoft Download Center, install it on your server, and run the Self SSL utility to configure IIS for HTTPS. To allow the IIS server to access your site using HTTPS, you must stop the IIS server, run the utility program to completion, and then restart the IIS server.

To configure IIS for HTTPS

  1. Download the Internet Information Services (IIS) Resource Kit Tools.

    1. Open a web browser and go to the Microsoft Download Center.

      https://www.microsoft.com/en-us/download/details.aspx?id=5135

    2. Select Download.

  2. When the download is complete, install the IIS Resource Kit Tools on the server where you install IIS.

  3. Stop IIS server before running the SelfSSL utility program in step 4 below.

  4. Run the SelfSSL utility program to configure IIS for HTTPS

    1. Navigate to Start > All programs > IIS Resources > SelfSSL > Self SSL.

    2. Run to completion.

  5. Start IIS and access your site using https://.

Replace certificates

As part of the configuration process, a dummy SSL certificate can be used and configured for IIS. This type of SSL certificate works for test environments, but you must have an authentic SSL certificate from a certificate provider like Verisign, Thawte, InstantSSL, Entrust, Baltimore, or Geotrust for production environments. As soon as the real certificate is available, you can replace the dummy certificate with the real one by using the IIS Manager Admin tool.

To replace certificates

  1. Open IIS Manager.

  2. From the Web sites folder, right-click Default web site and select Properties from the list.

  3. Verify you are viewing the page associated with the Directory security tab.
  4. In the Secure communications section, select Server certificate.
  5. Install the new certificate by following the instructions provided by the Wizard.