Step 1. Install the Server file certificate using Key Manager
Go to Key Manager.
Install the new IIS SSL Server certificate by clicking on the key in the www directory (usually a broken key icon with a line through it), and select "Install Key Certificate".
Enter the Password.
When you are prompted for bindings, add the IP and Port Number. "Any assigned" is acceptable if you do not have any other IIS SSL Certificate installed on the web server.
Note: Multiple certificates installed on the same web server will require a separate IP Address for each because SSL does not support host headers.
Go to the Computers menu and select the option "Commit Changes", or close Key Manager and select "Yes" when prompted to commit changes.
The new IIS SSL Server certificate is now successfully installed.
Back up the Key in Key Manager by clicking on Key menu Export -> Backup File. Store the backup file on the hard drive AND off the server.
Step 2: Installing the Root "&" Intermediate Certificates:
Your IIS SSL Certificate will have been emailed to you. The email will also contain three other Certificates: UTN-USERFirst-Hardware.crt, AddTrustUTNServerCA.crt and PositiveSSLCA.crt - save these Certificates to the desktop of the web server machine.
It is essential that you have installed the AddTrustUTNServerCA.crt and PositiveSSLCA.crt certificates on the machine running IIS 4.
Once you have installed the SSL Certificate, restart the machine running IIS 4. You must now complete one of the following procedures - the procedure you follow is dependent on the Service Pack that has been implemented on your machine running IIS4.
ServicePack 3:Install the above certificates in your Internet Explorer by opening each certificate and clicking "Install Certificate". See Microsoft KnowledgeBase Q216339).
ServicePack 4:Install the above certificates manually in a specific root store (you may also want to read (see Microsoft KnowledgeBase Q194788):
- Install the UTN-USERFirst-Hardware.crt certificate by double clicking on the corresponding file this will start an installation wizard
- select Place all certificates in the following store and click browse
- select Show physical stores
- select Trusted Root Certification Authorities
- select Local Computer, click OK
- back in the wizard, click Next, click Finish
- Repeat the same for the AddTrustUTNServerCA.crt and PositiveSSLCA.crt, however choose to place the certificates in the Intermediate Certification Authorities store.
ServicePack 5:Same as SP4.
ServicePack 6:Same as SP5.
Reboot the web server to complete the installation.
Installing the Root and Positive SSL Intermediate Certificates
If you have any problems with the installation of your certificate on IIS 4x, check you have installed the root and intermediate certificates correctly, by following the instructions here