MEX Blog Article

Configuring SSL on Your Server

Configuring SSL on Your Server

SSL (Secure Sockets Layer) is used throughout the Internet, ranging from Government Corporation to small businesses. It is the standard security technology for encrypting the link/s between the Web and\or Mail Server/s to the Client. It is mostly used on websites that require personal information, mainly bank details.

MEX offers SSL to all our Hosted Customers, to allow for a more secure connection to all your valuable data that is stored on your Database on the hosted service.

For those of you that host your own data and are looking to set this up on your server, here is a simple guide to setting up your own SSL on your own server.

Firstly you will have to find a suitable and reliable company that offers SSL Certification. There are a few companies that offer this service; Go Daddy, Verisign, Comodo, Digicert and Thawte.  Here at MEX, we like to use the best services to ensure that all our customers are fully looked after when it comes to security, so we use Go Daddy. See more info about Go Daddy here: https://au.godaddy.com/ssl.aspx?ci=92455

Once you have spoken to your chosen SSL Provider, the next step will be to setup your MEX IIS server with this Certificate, see below for an IIS 8 certificate setup guide;

NB: ‘The following guide is for Windows Server 2012 and IIS 8’

First step in doing this, is to create a Certificate Signing Request (CSR)

  1. Open IIS Manager and navigate to your Main IIS website
  2. In the middle panel, double-click on the Server Certificates tab to open
  3. In the right-hand panel, click the ‘Create Certificate Request…’ link
  4. Fill in your Details;
    1. Common Name: Is the domain name or URL of your company
    2. Organization: Your Organization Name
    3. Organization Unit: Location of Server, i.e. HR, Engineering
    4. City/locality: i.e. Brisbane, Sydney                            (do not abbreviate)
    5. State/province: i.e. Queensland, South Australia     (do not abbreviate)
    6. Country/region: two letter code for your country
  5. Click Next and select ‘Microsoft RSA SChannel Cryptograhic Provider’ with a bit length of ‘2048’ or higher and click Next
  6. Click the eclipses button to browse for a location to save the file, then click Finish

Second step is to send the Request to your SSL Provider

  1. Locate the file that you saved (in the previous step) and copy ALL of the text
  2. Log into your SSL account and locate to the SSL Certificate Page
  3. Contact your SSL Provider for further information about how to send this code to them
  4. Once the code is received and processed, you will be able to download the certificate

Third step is to apply this Certificate to your IIS Server and each website that you wish to apply it to

  1. Save the certificate onto your server
  2. Open the IIS Manager and navigate to your Main IIS Website
  3. In the middle panel, double-click on the Server Certificates tab to open
  4. In the right-hand panel, click on the ‘Complete Certificate Request…’ link
  5. Click the eclipses button and navigate to the certificate, selecting the certificate with the (.crt) as the extension
  6. Give it a Friendly name (so you can recognize it)
  7. Leave the cert store as Personal and click OK

Complete Certificate Request
Complete Certificate Request Form

Now that it has been added, you just have to apply it to each website

  1. Expand sites and click the desired site, in the right-hand panel click the ‘Bindings…’ link
  2. Click the ‘Add…’ button and add the following details;
    1. Type: https
    2. IP Address: an IP address or leave default as ‘All Unassigned’
    3. Port: 443
    4. Host Name: your connection name. e.g.. hosting.mex.com.au
    5. SSL Certificate: Choose the certificate name that you just added
    6. Click Ok

Site Binding Setup
Site Binding Setup

The certificate has been added and now you can browse to your website using https

Hope this comes in handy!

SSL