How to install SSL certificate on IIS 7?

Install to Web Server

1. Open Internet Information Services Manager (IISM) to the appropriate Server Start -> Administrative Tools -> IISM -> Server Name

2. Open the Server Certificates icon.

3. Open 'Complete Certificate Request' Wizard

From the 'Actions' Menu on the left select 'Complete Certificate Request'

4. Proceed to Complete Certificate Request' Wizard

Fill out all appropriate information. You can find the CRT file in the e-mail, sent by Sectigo. You can also obtain the CRT file from your Dashboard at ClouDNS. The file name will include your domain name with .crt suffix (e.g. You may need to browse to the location of the certificate or you may enter it in the provided box. The friendly is not part of the certificate itself, but is used by the server administrator to easily distinguish the certificate.

Note: There is a known issue in IIS 7 giving the following error: "Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created." You may also receive a message stating "ASN1 bad tag value met". If this is the same server that you generated the CSR on then, in most cases, the certificate is actually installed. Simply cancel the dialog and press "F5" to refresh the list of server certificates. If the new certificate is now in the list, you can continue with the next step. If it is not in the list, you will need to reissue your certificate using a new CSR (see our CSR creation instructions for Windows). 

Assign to Website

1. Navigate back to the root of the appropriate website. The center of the window should say "Default Website Home" or whatever the name of the website is.

2. Select 'Bindings' from the 'Edit Site' sub menu.

3. Add Port 443

In the 'Site Bindings' window, click 'Add'.

This will open the 'Add Site Binding' window. Under 'Type' choose https. The IP address should be the IP address of the site or All Unassigned, and the port over which traffic will be secured by SSL is usually 443. The 'SSL Certificate' field should specify the certificate that was installed using the above steps.

Click 'OK' to save changes.

Note: There may already be an 'https' entry in this area. If so, click 'https' to highlight it. Then click 'Edit' and in the 'SSL certificate' area select the friendly name that was generated earlier. Click 'OK' to save changes. 

Click 'OK' on the 'Web Site Bindings' Window to complete the install.

Important: You must now restart IIS / the website to complete the install of the certificate.

Single SSL on multiple servers

These days it often happens to have multiple web servers for a single web page. If this is your case, you do not have to buy an SSL certificate for each server. You can use one single SSL certificate for all of them. To do it, you have to install the Private Key from the web server, on which CSR was generated and the certificates sent by Sectigo on each web server. Have in mind, that if you are using Wildcard SSL certificate, the CSR must be generated with Wildcard. For example, if you will generate a CSR for Wildcard SSL certificate for domain name, the CSR must be generated for *

Last modified: 2024-01-10
Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more