To install a Standard EV SSL or Secure Site EV SSL certificate on a Microsoft IIS 5 or IIS 6 server, perform the following steps:
Installing an SSL Certificate
IMPORTANT:
In order for your SSL Certificate to function properly, you must download and install the VeriSign Intermediate CA Certificate on your Web server. Microsoft Internet
Information Services (IIS) 5.0 and above automatically installs the Intermediate CA Certificate when you install the SSL Certificate and does not require separate installation.
- Obtain your EV SSL Certificate using one of the following methods:
- From the Approval email as a cert.cer attachment. If the attachment has been stripped from the email, retrieve the certificate from the body of the Approval email. For instructions on retrieving the certificate from the body of the email see solution SO2132
- Download the Certificate from your account
- To download your Secure Site EV Certificate from your VeriSign Certificate Center account, see solution SO8061
- To download your Standard EV SSL Certificate from your Managed PKI for SSL subscriber services page, see solution SO6621
- Open the Internet Services Manager (IIS). Click Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manger
- Under Web Sites, right-click your web site and select Properties
- Click the Directory Security tab
- Under Secure Communications, click Server Certificate
- The Web Site Certificate Wizard will open, click Next
Important: The pending request must match the response file. If you deleted the pending request in error you must generate a new CSR and replace this certificate
- Choose Process the Pending Request and Install the Certificate, then click Next
- Select the location of the certificate response file, and then click Next
- Read the summary screen to be sure that you are processing the correct certificate and then click Next
- You see a confirmation screen. After you read this information, click Next.
- Stop and start your Web server prior to any testing
- Be sure to assign your site an SSL port (443 by default)
- If you do not specify an IP address when installing your SSL Certificate, the same ID will be used for all virtual servers created on the system
- If you are hosting multiple sites on a single server, you can specify that the ID only be used for a particular server IP address
Note: Now that you have installed your EV SSL certificate, VeriSign recommends that you export/back up your certificate. For instructions on how to back up your certificate see solution SO911
Note: If you need to migrate the EV SSL Certificate from one Microsoft IIS 5.0 or above server to another Microsoft IIS 5.0 or above server see solution SO2165