In a production environment communication between StoreFront server and end user devices should be secured using HTTPS protocol. In order to use HTTPS, StoreFront requires that the Microsoft Internet Information Services (IIS) instance hosting the authentication service and associated stores is configured for HTTPS. In this article I will provide a simple instruction how to install certificate issued by internal Certificate Authority (CA) to IIS 8 instance .
Assumptions:
- Servers hosting StoreFront role are installed and joined to the same Active Directory domain
- Microsoft Certificate Authority is installed and Web Server certificate template is configured.
How to request and install certificate in IIS
1. Open Server manager and launch Internet Information Services (IIS)
6. The Certificate Signing Request (CSR) is sent to the internal CA, the CA will automatically issue the certificate (certificate is created based on a configured Web Server certificate template) and the wizard will automatically install that certificate on the machine. Newly installed certificate is displayed in the server certificate pane as it is shown in Figure 6.
9. In the Add Site Bindings window, enter the following information and click OK to continue:
Type: In the drop-down list, select https.
IP address: In the drop-down list, select All unassigned. If your server has multiple IP addresses, select the one that applies.
Port: Enter 443, unless you are using a non-standard port for SSL traffic.
SSL certificate: In the drop-down list, select the friendly name of the certificate which was installed in step 6.
The SSL certificate is now installed and website is configured to accept secure connections.
How to verify HTTPS binding
11. Open IIS Manager. In the left pane expand server name, expand Sites and select the site that you want to configure with your SSL Certificate and click Browse *:443 in the Actions pane.
I followed these instructions, but my storefront says in the status of the Store: No certificate associated with this Storefront server.
Any ideas?
Thank you
thank you! nice and tidy!
Great article, simple stuff but so helpful when one needs to sort out a an expired cert in the middle of a Sunday.
Many thanks Andrzej!
Great article. Thank you!
Thank you
Thanks for sharing information about citrix component & other topics. Great !!!
Perfect, It helped me to renew a certificate on my Citrix environment.
thanks for sharing