zoukankan      html  css  js  c++  java
  • Import SHA2 SSL cert to Windows IIS7

    Import SHA2 SSL cert to Windows IIS7

    1.You will get 3 piece of certs from GeoTrust, and save them to below

    1)=server.cert: Issue to "*.domain.cn", Issue from "GeoTrust SSL CA-G4"
    2)=middle.cer: Issue to "GeoTrust SSL CA-G4", Issue from "GeoTrust Global CA"
    3)=cross.cer: Issue to "GeoTrust Global CA", Issue from "Equifax Secure Cerificate Authority"

    2. Transter your cert to PFX format

    1) prepare your private key and server.cert
    2) access https://www.trustasia.com/tools/cert-convert/ ,
    3) source:PEM, target:PKCS12
    4) input certificate password
    5) save PFX to your PC

    3. Import PFX and adjust cert chain

    1) Open MMC in the run CMD
    2) Click Add/Remove Snap-in
    3) Add Certificate to "selected snap-ins"
    4) Select "Computer account" and push Ok
    5) Go to Personal->Certificates->Right click and import new SHA2 PFX file to the server
    6) Input import password and complete the importing
    7) Import mid.cer and cross.cer to Intermediate Certification Authority/certificates
    8) verify new personal certificates has 4 level path chain, if still has 3 level path
    9) remove the cert which Issue to "GeoTrust Global CA", Issue from "GeoTrust Global CA"
    10)now your new personal certificates has 4 level path chain

    4. Bind cert to IIS

    1) go to IIS manager,
    2) select site and right edit bindings
    3) edit https, select new SSL certificate
    4) restart IIS service

    5. testing

    https://www.trustasia.com/tools/ssl-checker/
    mid.cer and cross.cer is public, so you can get it from trustasia. but server.cer from GeoTrust privately.

  • 相关阅读:
    sublime text 前端插件安装
    echarts常用的配置项
    2018年okr
    charlse配置
    运维笔记
    移动端开发兼容问题全记录
    centos6下python开发环境搭建
    centos安装python2.7
    centos6安装MariaDB
    pzea上centos6安装mysql57
  • 原文地址:https://www.cnblogs.com/oskb/p/4168938.html
Copyright © 2011-2022 走看看