Binding SSL certificates

While creating a self signed certificate, ensure to have the digital signature attribute in the certificate. In case of a CA certificate, ensure to have the SAN attribute for improved security.

During installation of Active Directory Administrator, use a self-signed certificate for REST APIs and the web client. Ensure this certificate is created using PowerShell and is added to the trusted store.

Binding SSL certificates to an IIS Server

To bind SSL certificates to an IIS Server:

  1. Open the Internet Information Services Manager (IIS).

  2. In the IIS window, under Connections, expand your server’s name and the required Sites.

  3. Under Actions, click Edit Site and then click Bindings.

  4. Under Site Bindings window, select binding for https and then click Edit.

  5. In the Edit Site Binding window, enter the following information:

    1

    IP Address

    Select All unassigned from the drop-down list. If your server has multiple IP addresses, select the one that applies.

    Host Name

    If you are using Server Name Indication (SNI), enter the host name that you are securing.

    Required Server Name Indication

    If you are using SNI, select this check box.

    SSL Certificate

    Select the appropriate certificate from the drop-down list.

  6. Click OK.