All Products
Search

This Product

    :How to use IIS to build HTTPS website on an ECS instance with Windows operating system

    Document Center

    :How to use IIS to build HTTPS website on an ECS instance with Windows operating system

    Last Updated:Mar 31, 2022

    Overview

    This article describes how to use IIS to build HTTPS websites in ECS instances running Windows.

    Detail

    The following steps describe how to use IIS to build HTTPS-based websites on ECS instances running Windows.

    Step 1: Create a certificate

    1. Use Windows Server 2008 R2 CA Service to create certificates and Server Manager in add roles.
    2. Select Active Directory Certificate Services.
    3. When you add services, you must select three services: certificate authority, certificate authority Web registration, and online responder.
    4. Because it is not a domain control environment, select independent.
    5. Select the root CA for the first CA to be installed.
    6. Select new private key.
    7. The default values are fine. You can also select custom settings.
    8. The name of the CA here. We recommend that you use the default value.
    9. The time to set the certificate. The default value is 5 years. You can set the time as needed.
    10. Select the database location for the certificate and log location.

    Step 2: Create an IIS service

    1. After the CA certificate is installed, the installation program automatically starts the IIS installation.
    2. In this case, you need to select ASP.NET and . NET extensibility.
    3. Note that after you install a certificate, you cannot change the computer name or domain name.
    4. Finally, ensure that the certificate service and Web server are installed successfully.

    Step 3: create a self-signed certificate

    1. Select the server certificate in IIS Manager.
    2. Select the created certificate, and then select create Self signed certificate.
    3. Set a friendly name.

    Step 4: Build an HTTPS website

    1. Add a new website.
    2. Set up the website's home directory, set the type to https, SSL Certificates Service select pre-the name of the setting, this paper takes the aliyunca as an example
    3. Set a test page for index.html in the system directory.
    4. Open the default document for the system.
    5. Move the index.html default document to the top.
    6. When you test the access over HTTPS on an external network, you confirm that the service can be accessed. Because the certificate is not issued by a public CA, a security prompt is displayed. Click continue browsing this website. Generally, if you have purchased a CA certificate and used a paid certificate, you will not be prompted for security risks.
    7. Verify that you can access the website properly.

    Application scope

    • Elastic Compute Service