Differences between revisions 38 and 42 (spanning 4 versions)
Revision 38 as of 2023-10-26 18:35:59
Size: 2095
Editor: scot
Comment:
Revision 42 as of 2023-11-02 19:30:29
Size: 2295
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
    1. I used all defaults for my AD Certificate server as a Enterprise Root CA.     1. I used all defaults for configuring my AD Certificate server as a Enterprise Root CA. If you haven't done this step, look at the server management console and click on the Yellow Triangle and click on configure your certificate authority link.
Line 8: Line 8:
    1. Using IIS Admin Console: With the Server selected in the navigation pane, double click the Server Certificates icon in the central details pane.
    1. Click on: "Create Domain Certificate..." in the action pane.
    1. Make sure to use your full hostname for the common name. E.g. I used "cptr230a.scot.internal"
 1. Click on your default web site to bind the certificate to your website.
    1. Click on Bindings, and click on ADD
    1. Add a binding for https and select the certificate that you just created.

{{{#!wiki comment
Line 10: Line 18:
    1. Using IIS Admin Console: With the Server selected in the navigation pane, double click the Server Certificates icon in the central details pane.
    1. Click on: Create a Certificate Request... in the action pane.
    1. Make sure to use your full hostname for the common name. E.g. I used "cptr230a.scot.internal"
 1. From a command prompt type: {{{certreq -submit -attrib “CertificateTemplate:WebServer” “C:\...\cert.req”}}} This will create a file containing you certificate to install. 		    1. From a command prompt type: certreq -submit -attrib “CertificateTemplate:WebServer” “C:\...\cert.req”          1. This will create a file containing you certificate to install.
Line 18: Line 24:
 1. Click on your default web site to bind the certificate to your website.
    1. Click on Bindings, and click on ADD
    1. Add a binding for https and select the certificate that you just imported. 		}}}

Lab 07

Perform the following

  1. Install a AD Certificate server on CPTR230A.
    1. I used all defaults for configuring my AD Certificate server as a Enterprise Root CA. If you haven't done this step, look at the server management console and click on the Yellow Triangle and click on configure your certificate authority link.
  2. Install IIS with an X.509 certificate for your default site on CPTR230A
    1. Install IIS Latest (include the management service)
    2. Using IIS Admin Console: With the Server selected in the navigation pane, double click the Server Certificates icon in the central details pane.
    3. Click on: "Create Domain Certificate..." in the action pane.
    4. Make sure to use your full hostname for the common name. E.g. I used "cptr230a.scot.internal"
  3. Click on your default web site to bind the certificate to your website.
    1. Click on Bindings, and click on ADD
    2. Add a binding for https and select the certificate that you just created.

Document the new services for each server on a new page named services I.e.

Services Installed:

CPTE230A (192.168.1.2)

  • AD Certificate Authority
  • IIS (With SSL Certificate from AD Cert. Auth.)

Video Grade Guide

Topics

Points

Video shows the Certificate Server and certificates issued on CPTE230A

30

Video shows a website showing certificate, and that it is trusted by your browser.

60

Video talks through the documentation

10

WindowsAdministration/Lab07WebServerInstall (last edited 2023-11-02 19:30:29 by scot)