Certificate Installation for Microsoft IIS 7x or 8x
- Note As an alternative to the manual instructions on this page, Comodo offers a free utility which will automatically install your certificate on your IIS website. Click here to find out more.
Install to Web Server
1. Open Internet Information Services Manager (IISM) to the appropriate Server
Start -> Administrative Tools -> IISM -> Server Name
2. Open the Server Certificates icon.
3. Open 'Complete Certificate Request' Wizard
From the 'Actions' Menu on the left select 'Complete Certificate Request'
4. Proceed to Complete Certificate Request' Wizard
Fill out all appropriate information. You may need to browse to the location of the certificate or you may enter it in the provided box. The friendly is not part of the certificate itself, but is used by the server administrator to easily distinguish the certificate.
Note: There is a known issue in IIS 7 giving the following error: "Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created." You may also receive a message stating "ASN1 bad tag value met". If this is the same server that you generated the CSR on then, in most cases, the certificate is actually installed. Simply cancel the dialog and press "F5" to refresh the list of server certificates. If the new certificate is now in the list, you can continue with the next step. If it is not in the list, you will need to reissue your certificate using a new CSR (see our CSR creation instructions for IIS 7). After creating a new CSR, login to your Comodo account and click the 'replace' button for your certificate.
Assign to Website
1. Navigate back to the root of the appropriate website. The center of the window should say "Default Website Home" or whatever the name of the website is.
2. Select 'Bindings' from the 'Edit Site' sub menu.
3. Add Port 443
In the 'Site Bindings' window, click 'Add'. This will open the 'Add Site Binding' window.
Under 'Type' choose https. The IP address should be the IP address of the site or All Unassigned, and the port over which traffic will be secured by SSL is usually 443. The 'SSL Certificate' field should specify the certificate that was installed using the above steps.
Click 'OK' to save changes.
Note: There may already be an 'https' entry in this area. If so, click 'https' to highlight it. Then click 'Edit' and in the 'SSL certificate' area select the friendly name that was generated earlier. Click 'OK' to save changes.
Click 'OK' on the 'Web Site Bindings' Window to complete the install.
Important: You must now restart IIS / the website to complete the install of the certificate.
Root and Intermediate Certificate installation via MMC