How to install an SSL Certificate in Internet Information Services (IIS) Manager


This guide will walk you through the steps to install an SSL certificate within a Microsoft IIS environment. 

What You'll Need

  • The private key file you created with a CSR
  • The server certificate file
  • The intermediate certificate (preferably in a .cer format)


File Conversion

  1. Use a tool such as openssl to convert the private key and server certificate files into a pkcs12 format. 

    An example of a command is:
    openssl pkcs12 -export -out exported_cert_name.pfx -inkey private.key -in server.cer
    This command incorporates your private key (private.key) and server certificate (server.cer) into an exported .pfx (exported_cert_name.pfx) file which is usable within IIS.

Server Certificate Installation

  1. Access your IIS environment, loading up IIS Manager. Once in IIS Manager, select your server in the dropdown list. 
  2. Select Server Certificates
  3. Right-click and select Import. Locate the .pfx file you created in the Creating a .pfx file step. Set Certificate Store to Web Hosting
  4. Check the option Allow this certificate to be exported
  5. The certificate should now appear in the list. 

Intermediate Certificate Installation

  1. Press Windows + R for the Run prompt. Enter certlm.msc and click OK
  2. Navigate to Intermediate Certification Authorities > Certificates 
  3. Right-click the folder. Under All Tasks, select Import. Note: You can import many kinds of certificates, including .cer files. 

Applying the Certificate

  1. Return to IIS Manager. Under Sites, locate the website you are installing the SSL under. 
  2. Under the Actions menu, select Bindings...
  3. Under the 443 Port, select Edit
  4. Under SSL certificateselect the SSL the new SSL you wish to use. You can use View to confirm the certificate is valid. 
Have more questions? Submit a request