skip to primary navigationskip to content
 

Configuring IIS to use SSL

You can configure IIS to use SSL relatively easily. The main consideration is the type of certificate to use.

Certificate Type

There are two choices, self certificate or a certificate from a recognised certificate authority. You should always use a certificate authority for production systems, especially systems which will be accessed by people outside of your department/college or outside the cam domain.

Certificate Authority

You should in most cases use a certificate from a trusted authority. UIS makes certificates available for the University from third parties, the source of these certificates does change over time but they are always from a reliable certificate authority.

Full information on this can be found at http://www.cam.ac.uk/cs/tlscerts/.

Self Certificate

Windows server comes with a certificate authority server which you can use to self certificate. This is useful for testing purposes or if you want an internal certificate only.

Generating a Self Certificate

To generate a self certificate and install a certificate of any type see the IIS Certificates page

Configuring IIS to use SSL

Once you have a valid certificate installed in IIS you need to enable SSL on your website.

  • Open the properties for the website, subfolder or virtual directory you want to secure with SSL.
  • Select the Directory Security tab.
  • In the Secure Communications section click Edit.
  • Put a tick in the box for "Require secure channel (SSL)".
  • Click OK, then Apply then OK.
  • Close IIS Manager.

ReStart IIS

In order for the changes to take place immediately you need to restart IIS or the server as a whole. Otherwise the changes will not take place for at least 10 minutes. To restart IIS on its own, open a command-line prompt on the server and enter:

  • iisreset /NOFORCE

This will restart IIS and complete the installation of the intermediate certificate.

 

Getting help


UIS Service Desk
General support queries

  Phone padded  (01223 7) 62999

UAS Service Desk
Administrative staff queries

  Phone padded  (01223 3) 32999

UIS bITe-size bulletin


A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >  |  Back issues

UIS Service Status

Phone padded  Service status line: (01223) 463085
Website padded  Sign up for SMS/email status alerts

RSS Feed Latest news

All University members now have access to Google G Suite@Cambridge

May 07, 2019

UIS enrolled all members of the University in our Google G Suite account, known as G Suite@Cambridge, on 2 May.

Upgrade Windows 7 machines before the operating system reaches end of life on 14 January 2020

Apr 30, 2019

Microsoft will stop supporting Windows 7 on 14 January 2020. The good news is that you may be entitled to a free upgrade to Windows 10, if your institution is participating in the University's EES agreement.

View all news