Isku dar shahaadada SSL ee ka timid DomainFactory ee ku taal IIS

Da'da aynu isku dayno 'Encrypt' , boggaga internetka ee la duubay ayaa hadda heer ah. Si kastaba ha noqotee, duullimaad ama shahaadooyin dheeri ah oo leh aqoonsi gaar ah oo lagu kalsoonaan karo ayaa sidoo kale badanaa loo baahan yahay. Bixiyaha DomainFactory wuxuu bixiyaa shahaadooyin SSL oo qaali ah oo waliba dibedda loo isticmaali karo. Dejinta ku jirta IIS-ta hadda waxay ku guuleysataa CSR la'aan iyadoo la kaashanayo OpenSSL . Kuwa soo socda waxaan si kooban ku tusi doonaa talaabooyinka looga baahan yahay tan.


Marka hore waxaad doorataa cinwaanka aad rabto sida magaca domainka (adoo galaya "www" si hadhow labada https://tld.com iyo https://www.tld.com loo kaydiyo):

Shahaadada SSL IIS

Ka dib xulashada shahaadada la doonayo iyo muddada, DomainFactory waxay abuuri kartaa CSR u gaar ah:

Shahaadada SSL IIS

Ikhtiyaarka labaad (soosaar CSR-kaaga) maahan mid loo baahan yahay oo culeys badan leh (marka loo eego, IIS ma bixiso ikhtiyaarka ah soo saarista SHA256 codsiyada la duubay ee ay u baahan tahay DomainFactory). Kadib amarka guuleysta, waxaad soo degsataa shahaadada SSL, furaha gaarka loo leeyahay iyo xirmooyinka dhexdhexaadka ah ee CA:

Shahaadada SSL IIS

Hadda waxaad isku daraysaa furaha iyo shahaadada faylka pfx adigoo gacan ka helaya OpenSSL (u xilsaaraya lambar sir ah):

openssl pkcs12 -export -out www.tld.com.pfx -inkey www.tld.com.key -in www.tld.com.crt

Ugu dambeyntiina, shahaadada dhexe waxaa lagu soo dhejiyaa server-ka Windows:

Shahaadada SSL IIS

Tan waxaa ku xiga soo dejinta faylka la abuuray ee pfx ee Maareeyaha IIS (aagga Shahaadooyinka Server) adoo galaya lambarkii hore ee loo qoondeeyay:

Shahaadada SSL IIS

Ugu dambeyntiina, waxaad hagaajineysaa xirmooyinka (hal gelitaan leh iyo hal gal la'aan www):

Shahaadada SSL IIS

Haddii server-ka laga heli karo banaanka, waxaad ka furaysaa dekedda 443 ee router / firewall.

Dib u laabo