Scribd Logo
Carica

Benvenuto in Scribd!

  • IBSS-LND Windows (Routine) IIS SSL Certificate Renewal

    Caricato da

    chandrasekhar nandigam
    15 visualizzazioni30 pagine

    Titolo originale

    IBSS-LND Windows (Routine) IIS SSL Certificate Renewal.doc

    Copyright

    © © All Rights Reserved

    Formati disponibili

    DOC, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    © All Rights Reserved
    Scarica in formato DOC, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    15 visualizzazioni30 pagine

    IBSS-LND Windows (Routine) IIS SSL Certificate Renewal

    Caricato da

    chandrasekhar nandigam

    Copyright:

    © All Rights Reserved
    Scarica in formato DOC, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 30

    Infrastructure Build

    & Support Services (IB2S)

    Microsoft Windows Server

    Support Team

    WELLS FARGO & CO


    Contents: Generating a Renewal IIS SSL Certificate

    Date Created: 9/1/2006


    Created By: David Hofman

    Date Revised: 5/19/2008


    Revised By: David Hofman

    Connect to and Log into the server where the SSL certificate needs to be renewed. Right-
    click My Computer located on the desktop and select Manage.

    WELLS FARGO & CO


    Scroll to the bottom and maximize Services and Applications. Below you will find Internet
    Information Services (IIS) as shown below.

    2
    Create a new temporary Web Site. Give it a unique name so it is not confusing to others, as
    shown below. This step may not be required but provides a safer certificate deployment.

    Right click the newly created site and choose Properties. Select the Directory Security Tab and
    then click on the Server Certificate button located near the bottom.

    3
    The Web Server Certificate wizard starts. Click Next.

    Select Create a new certificate.

    4
    Select Prepare the request now, but send later. Click Next.

    Make sure that the Bit Length is changed from the default to 1024.

    5
    Enter Organization and Organizational Unit as shown below.

    Enter the common name in lower case.

    6
    Complete State and City fields for your proper location.

    7
    Review to verify everything looks correct.

    Select Finish.

    8
    Log into the Certificate Management System to begin to process the CSR.

    9
    Select the proper certificate type. CAREFUL - CERTIFICATES ARE NOT
    INTERCHANGEABLE.

    Typically WF SSL is chosen for use with IIS

    Login using your non-admin LAN credentials.

    10
    Open the previously created CSR and Control-c to copy to clipboard for use in next step.

    11
    Be careful not to include any characters. Only copy section highlighted as shown above.

    Log in and complete required fields. Make sure you also use lnd-windows@wellsfargo.com to
    also be notified.

    12
    When you Control-v the formatting might look strange, but it is fine as long as you didnt
    include any spaces after CERTIFICATE REQUEST =====. Remember that our AU is 70581.
    Wells Fargo internal (non-verisign) certificates cost $1 a year.

    13
    Verify that everything looks good. Use Jim (Day shift) or Greg (Night shift) for the Approver and
    Select Continue. -screen shot for reference only- We do NOT use Paul Gallegos anymore.

    The parameters below are generated automatically from the CSR.

    14
    The parameters below are generated automatically from the CSR. IBSS-Lending is now used
    instead of LND-Windows

    The screen below indicates that the request has been completed successfully.

    15
    Below is a copy of what Jim or Greg receives. One of them then logs into the system and
    approves the request. It is sometimes helpful to notify Jim or Greg that a certificate request is
    pending approval.

    After one of them approves the request the certificate is generated and the following email is
    received.

    16
    Click on the link to log into the system start to download the certificate.

    17
    Click beneath the Requested SSL Certificate and click the PEM link to download.

    Select Save to download locally. When saving the certificate change the saved extension to
    .cer

    18
    19
    Connect to and Log into the server where the SSL certificate needs to be renewed. Right-
    click My Computer located on the desktop and select Manage. Scroll to the bottom and maximize
    Services and Applications. Below you will find Internet Information Services (IIS) as shown below.

    Select the Temporary Website that was created earlier.

    20
    Select the Directory Security tab.

    21
    Select to Process the pending request and install the certificate.

    22
    Locate the certificate that was downloaded earlier. Copy it to the destination server.

    Below is the location you copied the certificate to on the target server.

    23
    The screen below indicates the certificate parameters.

    This indicates that the certificate has been installed to the server.

    24
    This is safer than potentially deleting a working certificate prematurely.

    Remove the certificate from the temporary web site.

    25
    Verify parameters.

    26
    Now go to the ACTUAL site that the certificate is intended for and replace the existing
    certificate that is about to expire with the new certificate that will be in effect for the next year.

    Viewing the certificate displays the valid date range.

    27
    Delete the temporary website that was created earlier.

    28
    Stop and restart the website and then verify that the SSL is again working with the new
    certificate.

    This concludes the Generating a Renewal IIS SSL Certificate manual.

    29

    Potrebbero piacerti anche