Using A Wildcard SSL Certificate With Windows Servers

One of the main marketing features of the entire Windows line of products, including their server platforms, is the ease of use the system offers. With the Windows IIS or Internet Information Server setup operating as an alternative to the Apache servers that are Linux-based or the other server options, the simplicity of completing operations is a bit plus.

Through the IIS Manager adding a Wildcard SSL certificate to Windows servers is actually a very simple process. It will be important to use the specific information for the IIS7, IIS8 or any other version of the platform that is in use. The specifics of the installation process will vary slightly, but if you have a good understanding of the meaning of SSL and the requirements of the installation process, the basics are very straightforward.

Generating the Certificate Signing Request

When applying to the Certificate Authority (CA) to obtain a Wildcard SSL certificate for Windows servers, you will need first to begin by generating a Certificate Signing Request or CSR. This is done on the Windows server you want to install the SSL/TLS certificate. If you are planning on adding the certificate to multiple servers, you will just need to choose one of the servers to generate the CSR.

During this process, which is done through the IIS Manager, you will start by clicking on the Connections panel to find the specific server. This is the server that is generating the CSR. Next, on the screen displayed in the middle panel, look for the Server Certificate icon. Click on this and you will find another central panel of the same name.

If there are any websites configured for SSL with current certificates they should be displayed here. On the right side of the screen at the top of the Actions panel you should see the words "Create Certificate Request."

This is another click and then fill in the respective lines on the form provided. There are a couple of important details to keep in mind at this point. It is important to use full names unless abbreviations are indicated. Do not abbreviate the names of locations, provinces or states. If you sure the Inc. or LLC. designation as the legal name of the company, including that in the Organization name. The country or region is designated by a two letter combination. When requesting a Wildcard SSL certificate for Windows servers use the standard two letter designation, just choose from the drop-down box options.

Finally, and here is a very important thing to check and double check, make sure the common name is correct to obtain a Wildcard SSL certificate for Windows. If you type in the actual common name, for example, you will not receive a wildcard certificate as it will only cover the "www" subdomain.

To create the ability to secure both the main domain the "www" options as well as all subdomains use the asterisk (*) in this place. This * will stand in for every other subdomain that exists now on the site as well as anything future you wish to add.

Next, you will need to choose the cryptographic service provider, typically RSA and a key bit length. You will need to select 2048 or higher to meet all required NIST standards. Next just select the file name and submit the request.

Installation of the Wildcard SSL Certificate for Windows

You will receive your files from Comodo in just minutes. From the files supplied you will need to copy them on the server and then go back into the IIS Manager. Choose the Server Certificates again and look under Actions for the Complete Certificate Request.

Access the files we sent you on your server and create a friendly name for the certificate and then press OK. In the center panel under Server Certificates, the new addition should be visible. The next step will be to bind the Wildcard SSL certificate for Windows to the website. This is also completed through the IIS Manager from the Default Web Site section and the binding area on the far right side.

For complete instructions on how to generate the Certificate Signing Request and complete the installation, see our knowledgebase section. If you have any problems or questions before buying the product, during the installation process or throughout the life of the certificate we are here to help.

Get in touch with us either by phone at +1 888 266 6361 or through the website at Either option will provide you with the information you need.

Related Articles
Back to TOP