SelfSSL version 1.0 is a command-line executable tool that you can use to generate and install a self-signed Secure Sockets Layer (SSL) certificate for Internet Information Services (IIS) 6.0. Because SelfSSL generates a self-signed certificate that does not originate from a commonly trusted source, the tool's usefulness is limited to two specific scenarios:
- When you need to create a secure private channel between your server and a limited, known group of users, such as exists in a software test environment. To establish this channel, send a copy of your certificate to clients that will use the Web site, so that the clients can add your SelfSSL-generated certificate to the list of trusted certificates.
- When you need to troubleshoot third-party certificate problems. If you run SelfSSL and successfully generate and install a certificate on IIS, then you know that IIS is functioning properly. In such a case, you might want to contact the third-party certificate issuer.
System Requirements
SelfSSL is compatible with IIS 6.0 running on the Microsoft® Windows® Server 2003 operating system.
SelfSSL uses the following syntax:
SELFSSL [/T] [/N:cn] [/K:keylength] [/V:duration-of-validity] [/S:site-id] [/P:port] [/Q]
Parameters
- /T
- Adds the self-signed certificate to the "Trusted Certificates" list. The local browser trusts the self-signed certificate only if this parameter has been specified.
- /N:cn
- Specifies the common name of the certificate. The computer name is used if you do not specify a common name.
- /K:keylength
- Specifies the certificate key length. The default is 1024.
- /V:duration-of-validity
- Specifies the duration for which the certificate is valid. The default is 7 days.
- /S:site-id
- Specifies the site ID of the SSL-protected site. The default is 1 for the default Web site.
- /P:port
- Specifies the SSL port. The default is 443.
- /Q
- Specifies Quiet mode. In Quiet mode, any existent settings for the site are overwritten silently.
- Download IIS 6.0 Resource Kit Tools (requires Windows Server 2003, Windows XP)
- Install the resource kit (If you want hand-holding through these steps, read these instructions with screenshots by Jonathan Maltz)
- From the Windows Start Menu, go to the "\Programs\IIS Resources\SelfSSL" folder and select "SelfSSL".
- Instructions will be listed in a command prompt. Type "selfssl" to run the program.
- Type "y" to confirm overriding/installing the certificate on the given site.
- Test that it worked by visiting https://localhost/.