Enable Secure Sockets Layer (SSL) to encrypt data sent between a Web server and a client. To enable SSL, you must obtain and install a valid server certificate. You can acquire a server certificate from a certification authority (CA), which can be an internal Windows domain CA or a trusted third-party public CA. You can also create a self-signed server certificate for troubleshooting, testing, or application development. After obtaining the server certificate, you must install the certificate and bind the HTTPS protocol to your Web site.


You must first have a server certificate to create a site binding for HTTPS or to enable any SSL settings for a site. Server certificates can only be configured at the Web server level, but site bindings and SSL settings can only be configured at the site, application, or physical directory level.

There are a number of ways to obtain a server certificate. You can generate a self-signed certificate, purchase a certificate from an external third party-public certification authorities (CA), or request a certificate from an internal domain CA. Of the three options, self-signed certificates are the least secure and should only be used for testing or troubleshooting applications that use HTTPS.

  Step Reference
Check box

Obtain a server certificate appropriate for your project and then install the certificate in IIS.

Configuring Server Certificates

Check box

Create an HTTPS binding for the site that will host the encrypted data.

Add a Binding to a Web Site

Check box

Configure SSL settings for the site, application, or physical directory.

Configuring SSL Settings

See Also