This guide walks through setting up Enterprise Tester in IIS 6 and IIS 7 to use an SSL Certificate (i.e. HTTPS). What the guide covers:
What it does not cover:
For details on installing an existing certificate see here:
In both IIS6 and IIS7 the general steps are:
To create a self signed certificate on IIS you must install the IIS6 resource kit, which can be downloaded from here:
Once installed, launch the "SelfSsl" tool from Start -> All Programs -> IIS Resources -> SelfSSL -> SelfSSL.
A command prompt window will appear. A self signed certificate can be generated from here. Enterprise Tester is normally associated with the default website, so in most cases a certificate can be generated by issuing the command:
Note that this will create a certificate which expires by default after 7 days. The certificate expiry can be changed to one year i.e. 365 days by using the following command line:
Press "Y" when prompted to set or replace the certificate. A self signed certificate should now be created.
The use of a secure channel (i.e. disabling HTTP) can be enforced by changing the Directory Security options of the "EnterpriseTester" website in IIS.
Enforcing a secure channel is optional. To support both HTTP and HTTPS, omit the following steps:
It is recommended that the secure channel is tested. Browse first to "http://localhost/EnterpriseTester/" i.e. the unsecured URL. Now using https i.e. https://localhost/EnterpriseTester/, should now provide access to Enterprise Tester.
For self-signed certificates a "certificate warning" message in the browser may be displayed. This is expected behavior for a self signed certificate. The best way to overcome this issue is use a 3rd party certificate from a trusted Certificate Authority (CA) such as Verisign.
Another side-effect of using a self-signed certificate is that browser's address bar may show up in red, as per the following screen shot:
You have now completed configuring IIS6 and Enterprise Tester to use HTTPS/SSL.
These instructions apply to both IIS7 and IIS7.5 (as feature in Windows Server 2008r2 & Windows 7)
Unlike IIS6, IIS7 features in-built support for generating Self Signed Certificates.
You now have HTTPS configured, but can still use unsecured HTTP connections. To disable HTTP for Enterprise Tester all together follow these steps:
Now, test the changes in the browser, first try browsing to "http://localhost/EnterpriseTester" -you should see an "Access denied" message, as below:
Try accessing Enterprise Tester using https i.e. https://localhost/EnterpriseTester. Access to Enterprise Tester should be success.
When using a self-signed certificate that most browsers will display a warning to the user - this is safe to ignore.
For self-signed certificates a "certificate warning" message may be displayed in the browser - this is expected behavior for a self signed certificate, the best way to overcome this issue is use a 3rd party certificate from a trusted Certificate Authority (CA) such as Verisign.