For SSL Certificate Installation On Windows Servers
The Internet has created many new global business opportunities for enterprises conducting online commerce. However, the many security risks associated with conducting e-commerce have resulted in security becoming a major factor for online success or failure.

Over the past years, consumer magazines, industry bodies and security providers have educated the market on the basics of online security. The majority of consumers now expect security to be integrated into any online service they use, as a result they expect any details they provide via the Internet to remain confidential and integral. For many customers, the only time they will ever consider buying your products or services online is when they are satisfied their details are secure.

This guide explains how you can utilize SSL certificates to activate the core security technology available on your existing web server. You will also learn how secure SSL allows you to protect your customer's transactions and provide visitors with proof of your digital identity - essential factors in gaining confidence in your services and identity.

Using SSL certificates from Bummer Hosting Solutions to secure your online transactions tells your customers you take their security seriously. They will visibly see that their online transaction will be secure, confidential and integral and give them the confidence that you have removed the risk associated with trading over the Internet.

Using security helps you realize the benefits of online commerce:

• Open global markets - gain customers from all over the world
• New and exciting ways of marketing directly to your customer
• Offer new data products and services via the Web

Only if you have visibly secured your site with SSL security technology will your customers have confidence in your online operations. Read on to learn how SSL helps you achieve the confidence essential to successful e-commerce.

What is SSL?

Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. In order to be able to generate an SSL link, a web server requires an SSL Certificate.

When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your hosted website (e.g. your website's URL) and your company's name plus it's location. Your webserver then creates two cryptographic keys - a Private Key and a Public Key. Your Private Key is so called for a reason - it must remain private and secure. The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR) - a data file also containing your details. You should then submit the CSR during the SSL Certificate application process Bummer Hosting Solutions, who will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL.

Your web server will match your issued SSL Certificate to your Private Key. Your web server will then be able to establish an encrypted link between the website and your customer's web browser.

Displaying the SSL secure padlock

The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session - the Padlock


As seen by users of Internet Explorer

Clicking on the Padlock displays your SSL Certificate and your details:



As seen by users of Internet Explorer

All SSL Certificates are issued to either companies or legally accountable individuals. Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiry date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate.

When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user.

Bummer Hosting Solutions benefits summary:

Bummer Hosting Solutions SSL certificates are the most cost effective SSL certificates you can buy including:

• Full validation conducted quickly - in many cases, within an hour
• Over 99.3% browser compatibility
• 128 bit strong encryption security
• Backed by warranties ranging from $50 to $10,000
• Bummer Hosting Solutions certificates allow you to successfully use SSL on your webserver.

Step by step instructions to set up SSL on your Microsoft IIS webserver


There are four stages to setting up SSL on your Microsoft IIS webserver:

1. Create a Certificate Signing Request (CSR)
2. Apply online
3. Installing your Certificate
4. Displaying your Secure Site Seal

1. Generating a Certificate Signing Request (CSR)

A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the web form in the enrollment process:

Generate keys and Certificate Signing Request:

• Select Administrative Tools from the Start Menu
• Start Internet Services Manager

• Open the Properties window for the website the CSR is for. You can do this by right clicking on the Default Website and selecting Properties from the menu
• Open Directory Security by right clicking on the Directory Security tab

Click Server Certificate. The following Wizard will appear:



Click Create a new certificate and click Next.



Select Prepare the request now, but send it later and click Next.



Provide a name for the certificate, this needs to be easily identifiable if you are working with multiple domains. This is for your records only.

If your server is 40 bit enabled, you will generate a 512 bit key. If your server is 128 bit you can generate up to 1024 bit keys. We recommend you stay with the default of 1024 bit key if the option is available. Click Next



Enter Organization and Organization Unit, these are your company name and department respectively.

Click Next.



The Common Name field should be the Fully Qualified Domain Name (FQDN) or the web address for which you plan to use you Certificate, e.g. the area of your site you wish customers to connect to using SSL. For example, a Certificate issued for bummerhosting.com will NOT be valid for secure.bummerhosting.com or www.bummerhosting.com. If the web address to be used for SSL is www.bummerhosting.com, ensure that the common name submitted in the CSR is www.bummerhosting.com. Note that preceding the FQDN with https:// is NOT necessary.

Click Next.



Enter your Country, State and City. Click Next.



Enter a filename and location to save your CSR. You will need this CSR to enroll for your Certificate. Click Next.



Check the details you have entered. If you have made a mistake click Back and amend the details. Be especially sure to check the domain name the certificate is to be Issued to. Your Certificate will only work on this domain. Click Next when you are sure the details are absolutely correct.2. Applying for your Bummer Hosting Solutions Certificate Online

Contact Bummer Hosting Solutions and order your SSL certificate. Once you do, the tech support department will tell you what you need to do. When you make your application, make sure you include the CSR in its entirety into the appropriate section of the enrollment form. When you view your CSR it will appear something like:

-----BEGIN NEW CERTIFICATE REQUEST-----
MIIDVjCCAr8CAQAwezEdMBsG A1UEAxMUd3d3Lm15ZG9tYWlubmFtZS5jb20xDDAK
BgNVBAsTA1dlYjEaMBgGA1UEChMRWW91ciBDb21wYW55I E5hbWUxEDAOBgNVBAcT
B015IENpdHkxETAPBgNVBAgTCE15IFN0YXRlMQswCQYDVQQGEwJVUzCBnzANBgkq
hkiG9w0BAQEFAAOBjQAwgYkCgYEAuev9LnSRX/6u5Iz7ckpt0IG4DwnAF/lsksJ0
n5r9w1EK9Np5/OJEt72 r5es3nie5rTKo3O4yvSLovkS0vqT+iOlEZvl5B4mXTEPw
fDLjEcwcNb8SCJ4ArUAhHKJWHDKJHDKDA6587568 gfhjfjFHGFHFhsgGHJGJjhhj
HFD^TGFrYTrYTrfGHI&DHJKDHkjwjkkgAgcwCgYIKoZIhvcNHKJHFrytD ETR$456
AwcwEwYDVR0lBAwwCgYIKwYBBQUHAwEwgf0GCisGAQQBgjcNAgIxge4wgesCAQEe
WgBNAGkAYw ByAG8AcwBvAGYAdAAgAFIAUwBBACAAUwBDAGgAYQBuAG4AZQBsAC67
QwByAHkAcAB0AG8AZwByAGEAcABoAGk AYwAgAFAAcgBvAHYAaQBkAGUAcgOBiQCq
EH3QppP7Ewuz6oh4EUXMbKdqieAcbQ52iFSXqQ/n1xAtEpVUfjIM 3exr42EhyYlr
lV7cpUKbSr/eQ6c/hjiUi17EpvleBBV0BkFWsWzJoShx0BmOKvDnKINNQC3Jya+M
N/t9a xyuCwdUYJiLglNnjcBLSxL/6hovXNDLuCLgMAAAAAAAAAAAMA0GCSqGSIb3
DQEBBQUAA4GBAEQT6Pwj0BHeOU w+AR0GAT30q+1OYNkr341CouMC6M7KqlKgVZDV
tRes4uz1Yf8+WRCutVvDByrey+CdgzJzHvHqS6lAj2swx8Q adclVWOkZfH//k/KE
1MiOEb6c3Mp1ECorjIm+HRN20Qga+dnDBOowyRYn7Vz+NKar88mrJwk/
-----END NEW CERTIFICATE REQUEST-----

Be sure to copy the entire CSR text including the text below when sending it to Bummer Hosting Solutions Tech Support.

-----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST-----

3. Installing your Bummer Hosting Solutions SSL Certificate

When you SSL Certificate has been issued you will receive 3 Certificates via email from Bummer Hosting Solutions. Save these certificates to the desktop of the webserver machine, then:

• Click the Start Button then select Run and type mmc
• Click File and select Add/Remove Snap in
• Select Add, select Certificates from the Add Stand alone Snap-in box and click Add
• Select Computer Account and click Finish
• Close the Add Stand alone Snap-in box, click OK in the Add/Remove Snap in
• Return to the MMC

A. To install the GTECyberTrustRoot Certificate:

Right click the Trusted Root Certification Authorities, select All Tasks, select Import.


Click Next.


Locate the GTECyberTrustRoot Certificate and click Next. When the wizard is completed, click Finish.

To install the Bummer Hosting Solutions CA Certificate:


Right click the Intermediate Certification Authorities, select All Tasks, select Import.

Complete the import wizard again, but this time locating the Bummer Hosting Solutions CA Certificate when prompted for the Certificate file.

Ensure that the GTECyberTrustRoot certificate appears under Trusted Root Certification Authorities

Ensure that the Bummer Hosting Solutions CA appears under Intermediate Certification Authorities

C. Installing your SSL Certificate

Select Administrative Tools

Start Internet Services Manager


Open the properties window for the website. You can do this by right clicking on the Default Website and selecting Properties from the menu.

Open Directory Security by right clicking on the Directory Security tab


Click Server Certificate. The following Wizard will appear:


Choose to Process the Pending Request and Install the Certificate. Click Next.

Enter the location of your certificate (you may also browse to locate your certificate), and then click Next.

Read the summary screen to be sure that you are processing the correct certificate, and then click Next.

You will see a confirmation screen. When you have read this information, click Next.

You now have a server certificate installed.

Important: You must now restart the computer to complete the install

Open the Properties of the default website and ensure that SSL port contains the number 443 (it should default to this number automatically). You may want to test the Web site to ensure that everything is working correctly. Be sure to use https:// when you test connectivity to the site.