A Non-IT Professional's Guide To Generating A Wildcard SSL Certificate On Windows 2012

Through the various versions of the Windows servers, additional features have been created to make the process of obtaining a Wildcard SSL certificate, or any SSL/TLS product, much easier.

However, for those new to the IT field or for those installing a certificate for the first time, there are some important steps and processes to complete. By doing everything in order and ensuring all data is correct before entering it, everything from generating the Certificate Signing Request to completing the installation of the Wildcard SSL certificate on Windows 2012 servers will be straightforward and easy.

The key factor to keep in mind is the meaning of SSL. This technology is designed to allow a client and a server to transmit information securely using encryption and decryption. This encryption and decryption are done by a related public and private key. The public key encrypts data from the client to the server. The private key, which has to be mathematically related to the specific public key for that site, then decrypts the information.

For a wildcard or any other SSL/TLS product, this is a simple reminder to generate the CSR on the server where it will be used. If you are planning on installing on multiple servers, you will first complete the original install and then use the export and import functions to apply the SSL/TLS product to the other servers in the network. This export and import procedure will include both the certificate and the private key, so that the subsequent servers can create the secure connection.

Generating The Certificate Signing Request

Every SSL/TLS product requires the applicant to generate a CSR from the server where the certificate and keys will be installed. This is done through the IIS Manager and it is a very simple process.

The CSR provides the Certificate Authority (CA) with the information needed to complete the validation process and to issue the files needed to install.

From the IIS Manager, choose the Server Certificate icon and then look to the right under the Actions panel. You will need to click on "Create Certificate Request", which should be the first choice on the menu.

You will then be prompted to fill in a series of lines. This will include providing the name. This is the most critical aspect for the Wildcard SSL certificate on Windows 2012 as you need to include the (*) asterisk to create the wildcard.

This is the same with all Certificate Signing Requests on any server. Once you have submitted the Wildcard SSL certificate on Windows 2012 servers, it will cover both the main domain and the subdomains. To facilitate this, it will be necessary to include the (*) at the level of the subdomain, or of the second or subsequent subdomain, required.

To give you some examples, if you were to submit the CSR for a Wildcard SSL certificate on Windows 2012 with the common name of *.mywebsite.com it would provide SSL security for:

  • abc.mywebsite.com
  • mail.mywebsite.com
  • www.mywebsite.com
  • blog.mywebsite.com

This list is potentially unlimited and you can continue to add subdomains. They do not need to be listed on the Wildcard Certificate Signing Request as the (*) acts as a placeholder for all existing and new options.
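An added example (not part of the original guide) that checks which hostnames a wildcard common name matches and where the asterisk has to sit for deeper subdomains. It assumes the usual client-side matching rule that the asterisk stands for exactly one leftmost label, so the bare domain matches only when the CA lists it on the certificate as a separate name; the function names and the extra sample hostnames are constructed for illustration.

```python
# Added example: which hostnames a wildcard common name covers.
# Assumption: "*" stands for exactly one leftmost DNS label.
# All hostnames below are constructed samples.

def _labels(name):
    """Lower-case a DNS name, drop a trailing dot, split into labels."""
    return name.strip().rstrip(".").lower().split(".")

def covers(common_name, hostname):
    """True if common_name (wildcard or ordinary) matches hostname."""
    pattern, host = _labels(common_name), _labels(hostname)
    if pattern[0] != "*":
        return pattern == host  # ordinary name: exact match only
    if "*" in pattern[1:] or len(pattern) < 3:
        raise ValueError("asterisk must be the leftmost label above two others")
    # Same label count, non-empty first label, identical parent domain.
    return len(host) == len(pattern) and host[0] != "" and host[1:] == pattern[1:]

def wildcard_for(hostname):
    """Common name to enter on the CSR so that hostname is covered."""
    host = _labels(hostname)
    if len(host) < 3:
        raise ValueError(f"{hostname!r} has no subdomain label to replace")
    return ".".join(["*"] + host[1:])

def plan(hostnames):
    """Group hostnames by the wildcard common name each one needs."""
    needed = {}
    for h in hostnames:
        needed.setdefault(wildcard_for(h), []).append(h)
    return needed

if __name__ == "__main__":
    cn = "*.mywebsite.com"
    samples = ["abc.mywebsite.com", "MAIL.mywebsite.com", "www.mywebsite.com",
               "blog.mywebsite.com", "mywebsite.com", "dev.mail.mywebsite.com",
               "abc.mywebsite.org"]
    for h in samples:
        print(f"{h:28} {'covered' if covers(cn, h) else 'NOT covered'}")
    # A second-level subdomain needs the asterisk one level further down.
    for name, hosts in plan(samples[:4] + samples[5:6]).items():
        print(name, "->", hosts)
```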

Other Important Checks

Be sure to fill in all spaces on the CSR whenever possible. Leaving something blank, particularly the organizational unit, will either not cause a problem or will be caught by the CA. The spaces to fill in include the full legal name of the company (organization), which will include the LLC or Inc. designations if they are in the legal company name.

These do not need to be written out and just the abbreviated form will work. For all other information, other than the country code, use the full name without any short versions or local common names. You will use a two-letter code for the country. On the IIS Manager form, use the drop-down box and select the matching ISO two-letter code.

It is critical to ensure that the information provided with the Certificate Signing Request is identical to what is on legal documents. This is necessary for our system to be able to quickly and effectively validate the information provided. Within just minutes you will have the files you need to install the Wildcard SSL certificate on Windows 2012.

