To successfully set up SSL security site key to have the following conditions.
1. The server certificate needs to be obtained from a trusted certificate Authority ca.
2. The server certificate must be installed on the Web server.
3. The SSL feature must be enabled on the Web server.
4, the client (browser side) must trust the same certificate authority as the Web server, that is, the need to install a CA certificate.
Below, we control the above four, step-by-step operation
1: The server certificate needs to be obtained from a trusted certificate Authority CA (since we are doing the test environment locally, not the actual operation.) So here we create a certificate ourselves. If it is the actual operation, you need to get a certificate through the domain name vendor, which is going to cost money. )
2: The server certificate must be installed on the Web server.
Open IIS, locate the server certificate,
Click Create Self-signed certificate
Enter the name of the certificate you want to create, and I'm named Joeyssl
3. The SSL feature must be enabled on the Web server.
Next, we create a new local test site and bind the certificate that we just created.
Open the Hosts file to create the name of a site (for example Http://webjoeyssl then this webjoeyssl is the name of the site we need to create, I use hosts to resolve to local)
C:\Windows\System32\drivers\etc
Bind directories in IIS, bind HTTP and HTTPS
In addition, the binding type, first select the type of HTTP , although there is HTTPS, but still the first to ensure that the site can be accessed through HTTP, after all, most people are HTTP to open the site, but in some special need to encrypt the place to use HTTPS, We will bind HTTPS next, here is not urgent, unless your entire site is HTTPS use, then only select HTTPS.
the above test has been able to guaranteeHttp://webjoeysslas wellHttps://webjoeysslcan open the site.
Of course, we can also forcibly set the need to use SSL to access the site (at this point, only HTTPS to access, and HTTP will not be accessible)
But this will be a bit of a problem, you visit Http://webjoeyssl, the browser will error
4: The client (browser side) must trust the same certificate authority as the Web server, that is, the CA certificate needs to be installed.
We open http://webjoeyssl/or https://webjoeyssl/will prompt is not safe, click Continue to browse. In the real world, you get an actual certificate, so you don't have a problem with a similar report security certificate ,
Win7 installation of HTTPS SSL certificate under Windows Server 2008R2 (with HTTPS SSL local test environment)