Windows IIS 10 Server setup for TrustCor SSL


This article will detail the steps for obtaining an SSL on a Windows IIS 10 Server server using TrustCor Premium DV Certificates.

1. Purchase trustcor from No-IP.

To learn more about this process, please review our article:
How to Purchase and Configure a TrustCor Premium DV SSL

2. Generate a CSR

For this step there are two ways to do this. You can either use OpenSSL and follow that guide.  Or manually using windows, keep reading here if you’re going to use windows.

Go to start > Run > MMC > File > Add / Remove Snap-In > Certificates > Add > Computer Account > Local Computer > Select Certificates then OK > Open the “Personal” dropdown > Right click Certificates > All Tasks > Advanced Operations > Create custom request > Next > Click “Proceed without enrollment policy” then Next > No Template CNG key under the dropdown select PKCS #10 then Next > Click on “Details” then Properties > Click on the “Subject” tab
You will need to select these types on the dropdown on the left, add the value then add it to the right side. 
Country (2 letter code): US
State (full name): Your State (or Province)
Locality (eg, city): Your City
Organization Name (eg, company): Your Company Name
Organizational Unit Name (eg, section): IT
Common Name (eg, YOUR domain name): yourdomain.com
Email: youremail@youremail.com
Alternative Names is optional 

After you’re done click on the Private Key tab make sure the key size is 2048. Make the private key exportable, and select sha256 as the hash algorithm > select where you want to save it > select base 64 then Finish.

Add CSR to No-IP

3. Now that the CSR has been created, you can open this with a TXT editor to copy and paste this into your No-IP account.

Copy the CSR, including everything from

-----BEGIN CERTIFICATE-----

to

-----END CERTIFICATE-----

4. From your No-IP account, Click My Services at the left, then SSL Certificates.

Locate the TrustCor Premium DV and click the Add CSR button.

ffc72b12-6c40-4008-a433-0db5122f7801

5. Here, you will choose your server type from the drop down menu, paste the CSR we just copied, then click the green “Add CSR” button to continue.

ed9dcded-ed69-4e9f-b753-c3d09ea4bf14

6. You will now see the section called “SSL Contact Information“.

Fill in the information required. The City, State and Country will be auto-filled from the information generated in the CSR you created. Click the green Confirm button when finished.

12467dbe-0a38-41f9-811e-18947f88138d

7. Finally, you will see the section called “DNS Verification Record”.

If your domain is registered with us and you have Plus Managed DNS, we will add the DNS Verification TXT record automatically.

If you are an Enhanced user with us, you will need to copy and paste the DNS Verification TXT record to your DNS Records manually.

If your domain is not registered with No-IP, you will need to copy and paste the DNS Verification TXT record to your DNS Records manually at your current DNS provider.

Click the Continue button once you have reviewed and/or copied this information.

89c5b6fa-bded-49f7-9ee1-4446874ddfcf

8. Wait for Verification. TrustCor will search for the TXT record you have added to your domain.

This typically happens within the hour, after the TXT record is added and propagated. Until then, the Status will remain in Pending Verification.

0cc1df49-aaa6-438c-8346-5466e4889350

After about 30 minutes, TrustCor will verify the TXT record and the Status will change to Active.
8245b6bd-fb87-4c84-b3fc-0821ae00ac7c

9. Download the signed-certificate from the No-IP UI.

From your No-IP account, click My Services at the left, then SSL Records. Find your TrustCor Premium DV and click the Download button.

1056bd0b-6e24-42dc-b153-1da601141513

10. Here, use the dropdown menu to select the file type and click the Download button to obtain the file.

3a9433de-c082-4bc8-ac2a-a08a5f7e8c5a

11. You will take this Certification file and install this onto the same machine you generated the CSR from,
by using the Internet Information Services (IIS) Manager. This is usually completed using the IIS “Complete Certificate Request” feature.

You may need to make further configurations to the IIS, such as assigning the SSL using the Binding program of the server. While we do not support this level of server configuration, you can find many useful guides on the internet, such as this one:

https://support.globalsign.com/ssl/ssl-certificates-installation/how-install-ssl-certificate-iis-10

You have now installed the SSL on your IIS server.

More Information

You can find more information about installing TrustCor SSLs and obtaining TrustCor’s Intermediate Certificates from their Knowledge Base here.