2431
Comment:
|
2118
|
Deletions are marked like this. | Additions are marked like this. |
Line 7: | Line 7: |
1. Install IIS 10 (include the management service) 1. See [[https://docs.microsoft.com/en-us/iis/manage/remote-administration/remote-administration-for-iis-manager|remote administration]] docs. 1. If not installed on the Windows Client, install IIS management Console from [[https://www.microsoft.com/en-us/download/details.aspx?id=41177|here]]. a. Although this is nice to have on hand, you will have to use the GUI installed on the server (along with the feature on demand: AppCompatibility see [[https://docs.microsoft.com/en-us/windows-server/get-started/server-core-app-compatibility-feature-on-demand|here]] |
1. Install IIS Latest (include the management service) 1. Optionally [[IISInstallCertificateFromCommandLine]]. If you take this option, you will complete everything but the next item, which you do need! 1. See [[https://docs.microsoft.com/en-us/iis/manage/remote-administration/remote-administration-for-iis-manager|remote administration]] docs. |
Line 13: | Line 12: |
1. Make sure to use your full hostname for the common name. E.g. I used "cpte230b.scot.anderson.internal" | 1. Make sure to use your full hostname for the common name. E.g. I used "cpte230b.scot.internal" |
Line 33: | Line 32: |
CPTE 230B (192.168.1.3) |
Lab 07
Perform the following
- Install a AD Certificate server on CPTE230A.
- I used all defaults for my AD Certificate server as a Enterprise Root CA.
- Install IIS with an X.508 certificate for your default site on CPTE230A
- Install IIS Latest (include the management service)
Optionally IISInstallCertificateFromCommandLine. If you take this option, you will complete everything but the next item, which you do need!
See remote administration docs.
- With the Server selected in the navigation pane, double click the Server Certificates icon in the central details pane.
- Click on: Create a Certificate Request... in the action pane.
- Make sure to use your full hostname for the common name. E.g. I used "cpte230b.scot.internal"
- Copy the file CPTE230A.
From a command prompt type: certreq -submit -attrib “CertificateTemplate:WebServer” “C:\...\cert.req” This will create a file containing you certificate to install.
- Copy the certificate file to your CPTE230B machine.
- Click on "Complete Certificate Request..."
- Select the certificate file you copied from CPTE230A
- Choose type as Web Hosting.
- Click on your default web site to bind the certificate to your website.
- Click on Bindings, and click on ADD
- Add a binding for https and select the certificate that you just imported.
Document the new services for each server on a new page named services I.e.
Services Installed:
CPTE230A (192.168.1.2)
- AD Certificate Authority
- IIS (With SSL Certificate from AD Cert. Auth.)
Note we will be installing a webservice on CPTE 230 B in the next lab.
Video Grade Guide
Topics |
Points |
Video shows the Certificate Server and certificates issued on CPTE230A |
30 |
Video shows a website showing certificate, and that it is trusted by your browser. |
60 |
Video talks through the documentation |
10 |