Configure Certificate for Web Server 2012 R2

Published: 18 June 2017
on channel: microsoft lab
13,636
44

Donate Us : paypal.me/MicrosoftLab

Configure Certificate for Web Server 2012 R2

1. Prepare

DC11 : Domain Controller ( pns.vn ) | DC12 : Certificate Server ; IP 10.0.0.12 | DC13 : Web Server ; IP 10.0.0.13 | WIN1091 : Client

2. Step by step : Configure certificate for DC13 ( web server )

DC11 : Create a record DNS point www.pns.vn to 10.0.0.13

DC13 : Install IIS, create a Website text simple

Server Manager - Manager - Add Roles and Features - Next to Server Roles - Select Web Server (IIS) - Add Features - Next to Confirmation - Install - Close

Create a folder "Web" on C, create a Website text simple

Server Manager - Tools - Internet Information Services (IIS) Manager - DC13 - Site - Right-Click Default Web Site - remove - Yes - Right-Click Sites - Add Website... :

Site name : WEB | Physical path : C:\WEB | Host name : www.pns.vn - OK

WIN1091 : Test Website. Click Internet Explorer - http://www.pns.vn === OK

DC12 : Install and configure Certificate Services

Server Manager - Manage - Add Roles and Features - Next to Server Roles : Select "Active Directory Certificate Services" - Add Features

Next to Role Services : Select "Certification Authority" and "Certification Authority Web Enrollment" - Add Features - Install

Notifications - Congifure Active Directory Certificate Services on the distination server

Role Service : Select "Certification Authority" and "Certification Authority Web Enrollment" - Setup Type : Standalone CA

Next to CA Name : Common name for this CA : PNS-CA - Next to Configure - Close

DC13 : Request Certificate

Internet Information Services (IIS) Manager - DC13 - Server Certificates - Create Certificate Request...

Common name : Certificate for Web | Organization : PNS | Organizational unit : IT | City/locality : HANOI | State/Province : HAIBATRUNG | Country/region : VN

Next to File Name : Specify a file name for the certificate request : - Browse to Desktop - CA.txt - Open - Finish

Interner Explorer - http://10.0.0.12/certsrv/ - Request a certificate - advanced certificate request

Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file

Base-64-encoded certificate request (CMC or PKCS #10 or PKCS #7): Copy and paste all file CA.txt - Submit

DC12 : Issue for request from DC13

Server Manager - Tools - Certification Authority - PNS-CA - Pending Requests - Right-click Certificate Request - All Tasks - Issue

DC13 : Download and import certificates

Interner Explorer - http://10.0.0.12/certsrv/ - View the status of a pending certificate request - Saved-Request Certificate - Download all

Start - MMC - File - Add, Remove Snap-in...- Certificates - Add - My user account - Finish - Console Root - Certificate - Current User

Trusted Root Certification Authorities - Right-click Certificates - All Tasks - Import... - Browse... to Desktop - certnew.cer - Finish (do the same for certnew.p7b)

Internet Information Services (IIS) Manager - DC13 - Server Certificates - Complete Certificate Request... :

File name containing... : Browse to certnew.cer | Friendly name : Certificate for Web

Right-click WEB - Edit Bindings... - Add... - Type : https, Host name : www.pns.vn , SSL certificate - Select... - Certificate for Web

Remove type http

WIN1091 : Test access Web. Interner Explorer :

http://www.pns.vn === Fail

https://www.pns.vn === OK with warning certificate ^^


Watch video Configure Certificate for Web Server 2012 R2 online without registration, duration hours minute second in high quality. This video was added by user microsoft lab 18 June 2017, don't forget to share it with your friends and acquaintances, it has been viewed on our site 13,636 once and liked it 44 people.