Install or renew an SSL certificate on Windows/IIS (Certbot): Difference between revisions

From Apoyar Wiki
Jump to navigation Jump to search
(Created page with "* Download https://dl.eff.org/certbot-beta-installer-win32.exe * Install the file * Make sure IIS has all required sited (the ones requiring SSL) set up and with proper ssl ho...")
(No difference)

Revision as of 08:58, 4 November 2020

  • Download https://dl.eff.org/certbot-beta-installer-win32.exe
  • Install the file
  • Make sure IIS has all required sited (the ones requiring SSL) set up and with proper ssl host headers (using appcmd)
  • Stop the World Wide Web Publishing Service
  • Open Command prompt as admin
  • cd C:\Program Files (x86)\Certbot\bin
  • run certbot certonly –standalone
  • follow the guidelines/prompts
  • find the saved cert and private key (usually in C:\Certbot\archive)
  • cd to the above folder
  • Make sure you have openssl installed. On Windows it comes with Git.
  • use openssl to convert it to *.pfx (including the quotes; replace the below path with the actual one you found above)
    • “C:\Program Files\Git\usr\bin\openssl” pkcs12 -export -out *.pfx -inkey *.key -in *.crt
  • start the World Wide Web Publishing Service
  • Open IIS manager
  • Find Server Certificates
  • Import the pfx
  • Go to Default web site/Bindings
  • Find the https(443) binding and edit
  • Change the certificate to the one you’ve imported
Retrieved from ‘https://wiki.apoyar.eu/index.php?title=Install_or_renew_an_SSL_certificate_on_Windows/IIS_(Certbot)&oldid=114