DEV Community

Discussion on: blazer server on IIS

Collapse
guruguy00 profile image
Ken Darling Author

I am still working it out. I am new to web dev, I thought that I had managed to use http, but some users are still getting the warning. I do not believe I have a SSL cert, any resources on where I can go to figure out how/where to create an SSL Cert? and what to do with it once I have it.

Collapse
zez9787 profile image
Zach Zollner

sslshopper.com/article-how-to-crea...

That's a pretty long explanation of how to properly create a self signed cert. You can also do it through PowerShell with the below command if you're comfortable with that. Run the command on your web server. The below cert will last for 10 years which isn't that secure but it's what I've done for internal applications in the past.

New-SelfSignedCertificate -Subject "CN=IntranetApplications"
-DnsName [Name of application here] -CertStoreLocation cert:\localmachine\my -NotAfter (Get-Date).AddYears(10)

Once the cert has been generated, you can export it by opening the cert manager on the server and right clicking the cert All Tasks -> Export. Say yes to export the private key and give it a password.

Once the cert is exported, you can deploy it to all machines on your network through group policy or you can import it manually on each machine. That part is up to you. If you decide to deploy through group policy, import the policy into Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Public Key Policies -> Trusted Root Certification Authorities.

Hopefully that makes sense.