Da'da aynu isku dayno 'Encrypt' , boggaga internetka ee la duubay ayaa hadda heer ah. Si kastaba ha noqotee, duullimaad ama shahaadooyin dheeri ah oo leh aqoonsi gaar ah oo lagu kalsoonaan karo ayaa sidoo kale badanaa loo baahan yahay. Bixiyaha DomainFactory wuxuu bixiyaa shahaadooyin SSL oo qaali ah oo waliba dibedda loo isticmaali karo. Dejinta ku jirta IIS-ta hadda waxay ku guuleysataa CSR la'aan iyadoo la kaashanayo OpenSSL . Kuwa soo socda waxaan si kooban ku tusi doonaa talaabooyinka looga baahan yahay tan.
Marka hore waxaad doorataa cinwaanka aad rabto sida magaca domainka (adoo galaya "www" si hadhow labada https://tld.com iyo https://www.tld.com loo kaydiyo):
Ka dib xulashada shahaadada la doonayo iyo muddada, DomainFactory waxay abuuri kartaa CSR u gaar ah:
Ikhtiyaarka labaad (soosaar CSR-kaaga) maahan mid loo baahan yahay oo culeys badan leh (marka loo eego, IIS ma bixiso ikhtiyaarka ah soo saarista SHA256 codsiyada la duubay ee ay u baahan tahay DomainFactory). Kadib amarka guuleysta, waxaad soo degsataa shahaadada SSL, furaha gaarka loo leeyahay iyo xirmooyinka dhexdhexaadka ah ee CA:
Hadda waxaad isku daraysaa furaha iyo shahaadada faylka pfx adigoo gacan ka helaya OpenSSL (u xilsaaraya lambar sir ah):
openssl pkcs12 -export -out www.tld.com.pfx -inkey www.tld.com.key -in www.tld.com.crt
Ugu dambeyntiina, shahaadada dhexe waxaa lagu soo dhejiyaa server-ka Windows:
Tan waxaa ku xiga soo dejinta faylka la abuuray ee pfx ee Maareeyaha IIS (aagga Shahaadooyinka Server) adoo galaya lambarkii hore ee loo qoondeeyay:
Ugu dambeyntiina, waxaad hagaajineysaa xirmooyinka (hal gelitaan leh iyo hal gal la'aan www):
Haddii server-ka laga heli karo banaanka, waxaad ka furaysaa dekedda 443 ee router / firewall.