How to setup SSL on an IIS development server?

Question

Our team has a Windows 2008 server which is used primary for a common IIS dev box.

I want to enable SSL on one of the websites on IIS, so that it can only be accessed via HTTPS.

I created a self-signing certificate in IIS and installed it. However when I access the website via the browser (Chrome, Firefox or IE - doesn't matter), it always gives the scary..."this is not secure" screen. I've tried installing the certificate on my own computer, rebooting and I still get that screen.

One thing that I noticed is when I create a self-signed certificate, it adds the domain name to it...for instance, the name of the box is webIIS and our login domain is COMPANYDOMAIN. So it will say that the certificate was created by webIIS.COMPANYDOMAIN.com. This url resolves to nothing, since there is no such thing.

Am I going about it the wrong way?

Answer 1

I've answered a similar question here.

Few afterwords:

• Your server should have a dns name. If it is in a domain (Active directory or something) it surely does. Find it, use it in CN of the SSL certificate.
• CA that will issue SSL certificate should be trusted by clients accessing the server and by the server itself. Place CA certificate in Trusted Root Store (in LocalMachine store) on the server and all clients that will access it. If you have Active Directory it should be pretty simple to distribute it.
• CRL that CA has to issue in defined intervals (it's up to you if the CRL will be issued one a day, month, year or lifetime) has to be accessible by clients and server. Either place it at http url that you gave when issuing SSL certificate or manually place in each certificate store (in Trusted Root Store).