Thursday, 19 May 2022

How to use Let’s Encrypt with IIS on Windows Server 2016

 https://www.snel.com/support/lets-encrypt-on-windows-server-2016/

How to use Let’s Encrypt with IIS on Windows Server 2016

 

Download Let’s Encrypt Client

In this tutorial, we will use the win-acme client as it is open-source and actively developed. It can both generate and renew SSL certificates.

Download the latest version of the client from its Github releases page. Scroll down to the assets on the page and download the zip file with the name win-acme.v2.1.x.xxx.x64.trimmed.zip. For most users, the trimmed x64 release should be fine but in case you need to use any plugins, you should get the pluggable file. In this tutorial, we will use the trimmed file.

If you have trouble using Internet Explorer, you can follow our tutorial to install Google Chrome on the Windows Server. Once downloaded, extract win-acme to a safer location.

Step 5: Generate Let’s Encrypt Certificates

To generate the certificate, simply run wacs.exe from the client’s folder. Once the application starts, follow these steps.

  • Press N on the initial menu to choose the option to “Create a new certificate”.
  • Next, it will ask you which website(s) should be scanned for hostnames. You will be presented with a list of sites on your IIS server. Select the number corresponding to your site. (2 in our tutorial)

win acme

  • Next, it will list the site bindings(URLs) corresponding to your selection and ask you to select a binding. Since we had only 1 URL, we will choose option 3 which represents all bindings.
  • It will then ask you to confirm your selection. Enter y to proceed.

win acme screenshot

  • Next, it will ask you for your email address to send renewal notices. Enter your email id and enter n & y for the next two options to agree to the terms. You can also enter y for both the options but then it tries to open the TOS(Terms of Service) in the default pdf application which if you don’t have any will just result in a popup window you will need to dismiss.
  • That’s it. Your certificate is now ready for use. It will also create a scheduled task that will run daily to renew your certificate.

win acme downloads

Step 6: Verify SSL

To verify that the SSL is working, launch https://s30239.hosted-by-snel.com in your browser and you can see the valid certificate sign in the address bar. 

secure connection

Conclusion

That’s all for this tutorial. We covered how to install IIS server, set up a basic website and install SSL for your site using Let’s Encrypt service.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

Blog Archive