SelfSSL version 1.0 is a command-line executable tool that you can use to generate and install a self-signed Secure Sockets Layer (SSL) certificate for Internet Information Services (IIS) 6.0. Because SelfSSL generates a self-signed certificate that does not originate from a commonly trusted source, the tool's usefulness is limited to two specific scenarios:
- When you need to create a secure private channel between your server and a limited, known group of users, such as exists in a software test environment. To establish this channel, send a copy of your certificate to clients that will use the Web site, so that the clients can add your SelfSSL-generated certificate to the list of trusted certificates.
- When you need to troubleshoot third-party certificate problems. If you run SelfSSL and successfully generate and install a certificate on IIS, then you know that IIS is functioning properly. In such a case, you might want to contact the third-party certificate issuer.
System Requirements
SelfSSL is compatible with IIS 6.0 running on the Microsoft® Windows® Server 2003 operating system.
SelfSSL uses the following syntax:
SELFSSL [/T] [/N:cn] [/K:keylength] [/V:duration-of-validity] [/S:site-id] [/P:port] [/Q]
Parameters
- /T
- Adds the self-signed certificate to the "Trusted Certificates" list. The local browser trusts the self-signed certificate only if this parameter has been specified.
- /N:cn
- Specifies the common name of the certificate. The computer name is used if you do not specify a common name.
- /K:keylength
- Specifies the certificate key length. The default is 1024.
- /V:duration-of-validity
- Specifies the duration for which the certificate is valid. The default is 7 days.
- /S:site-id
- Specifies the site ID of the SSL-protected site. The default is 1 for the default Web site.
- /P:port
- Specifies the SSL port. The default is 443.
- /Q
- Specifies Quiet mode. In Quiet mode, any existent settings for the site are overwritten silently.
- Download IIS 6.0 Resource Kit Tools (requires Windows Server 2003, Windows XP)
- Install the resource kit (If you want hand-holding through these steps, read these instructions with screenshots by Jonathan Maltz)
- From the Windows Start Menu, go to the "\Programs\IIS Resources\SelfSSL" folder and select "SelfSSL".
- Instructions will be listed in a command prompt. Type "selfssl" to run the program.
- Type "y" to confirm overriding/installing the certificate on the given site.
- Test that it worked by visiting https://localhost/.
This is an awesome little resource that will save me soooo much time. Thanks for making it known.
ReplyDeleteDo you how the site id parameter is used? Is the number assigned here arbitrary or is it somehow related to the sites in my localhost? If so how would I find that number? I have multiple sites running under my localhost default website in IIS. Should each site be assigned a seperate id? and can it be run multiple times? Just curious what that number's for and how its used.
Thanks!
I'm beginning to tap into the knowledge of tryint to Create SSL Certificate and this glossary is a great resource and I'm in agreement with the previous comment.
ReplyDelete