Donate Us : paypal.me/MicrosoftLab
Configure Certificate for Web Server 2012 R2
1. Prepare
DC11 : Domain Controller ( pns.vn ) | DC12 : Certificate Server ; IP 10.0.0.12 | DC13 : Web Server ; IP 10.0.0.13 | WIN1091 : Client
2. Step by step : Configure certificate for DC13 ( web server )
DC11 : Create a record DNS point www.pns.vn to 10.0.0.13
DC13 : Install IIS, create a Website text simple
Server Manager - Manager - Add Roles and Features - Next to Server Roles - Select Web Server (IIS) - Add Features - Next to Confirmation - Install - Close
Create a folder "Web" on C, create a Website text simple
Server Manager - Tools - Internet Information Services (IIS) Manager - DC13 - Site - Right-Click Default Web Site - remove - Yes - Right-Click Sites - Add Website... :
Site name : WEB | Physical path : C:\WEB | Host name : www.pns.vn - OK
WIN1091 : Test Website. Click Internet Explorer - http://www.pns.vn === OK
DC12 : Install and configure Certificate Services
Server Manager - Manage - Add Roles and Features - Next to Server Roles : Select "Active Directory Certificate Services" - Add Features
Next to Role Services : Select "Certification Authority" and "Certification Authority Web Enrollment" - Add Features - Install
Notifications - Congifure Active Directory Certificate Services on the distination server
Role Service : Select "Certification Authority" and "Certification Authority Web Enrollment" - Setup Type : Standalone CA
Next to CA Name : Common name for this CA : PNS-CA - Next to Configure - Close
DC13 : Request Certificate
Internet Information Services (IIS) Manager - DC13 - Server Certificates - Create Certificate Request...
Common name : Certificate for Web | Organization : PNS | Organizational unit : IT | City/locality : HANOI | State/Province : HAIBATRUNG | Country/region : VN
Next to File Name : Specify a file name for the certificate request : - Browse to Desktop - CA.txt - Open - Finish
Interner Explorer - http://10.0.0.12/certsrv/ - Request a certificate - advanced certificate request
Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file
Base-64-encoded certificate request (CMC or PKCS #10 or PKCS #7): Copy and paste all file CA.txt - Submit
DC12 : Issue for request from DC13
Server Manager - Tools - Certification Authority - PNS-CA - Pending Requests - Right-click Certificate Request - All Tasks - Issue
DC13 : Download and import certificates
Interner Explorer - http://10.0.0.12/certsrv/ - View the status of a pending certificate request - Saved-Request Certificate - Download all
Start - MMC - File - Add, Remove Snap-in...- Certificates - Add - My user account - Finish - Console Root - Certificate - Current User
Trusted Root Certification Authorities - Right-click Certificates - All Tasks - Import... - Browse... to Desktop - certnew.cer - Finish (do the same for certnew.p7b)
Internet Information Services (IIS) Manager - DC13 - Server Certificates - Complete Certificate Request... :
File name containing... : Browse to certnew.cer | Friendly name : Certificate for Web
Right-click WEB - Edit Bindings... - Add... - Type : https, Host name : www.pns.vn , SSL certificate - Select... - Certificate for Web
Remove type http
WIN1091 : Test access Web. Interner Explorer :
http://www.pns.vn === Fail
https://www.pns.vn === OK with warning certificate ^^
Watch video Configure Certificate for Web Server 2012 R2 online without registration, duration hours minute second in high quality. This video was added by user microsoft lab 18 June 2017, don't forget to share it with your friends and acquaintances, it has been viewed on our site 13,636 once and liked it 44 people.