How to bind SSL Certs to a locally hosted website on Windows 10 IIS

Question

I have a working local website which I enabled via IIS Manager on Windows 10 Home. Now I want to serve my website via HTTPS instead of HTTP. I have created and added self-signed SSL cert using OpenSSL and MMC (following this blog). However, when I tried to add the HTTPS binding to my website using the IIS Manager, there is NO cert displayed for me to add for the binding. See screen shot. Can someone suggest what I might be missing? How do I bind the key/cert to my local website under Windows 10?

Answer 1

It looks like you forgot to import .pfx file to your IIS server certificate.

Please go to IIS manager->server side->server certificates.

Then click import.. button to upload your certificate.

After uploading the certificate, you should be able to select your certificate in IIS binding.

Answer 2

OK, so it turns out the self-signed cert in the procedure is in the .cer/.pem format, whereas Windows IIS expects a .pfx. The confusion part is the fact the tutorial also demonstrates using Windows MMC and IIS, and that MMC "accepts" the .cer when I did the certificate import.

Bottomline: I need to package my .key and .cer files into a .pfx file using the following command before importing the cert into my Personal store:

openssl pkcs12 -export -out my.pfx -inkey my.key -in my.crt

During cert import using MMC, I did need to change the file extension using the dropdown list. Now this cert would show up when I add the website binding via IIS Manager.