Configure Server Certificate
On the windows server on which TMSXE is running, you must load a server certificate within IIS.
The process involves generating a certificate signing request (CSR), which is sent to a certificate authority (CA), and then installing the signed certificate you receive from the CA.
Generating a CSR for IIS 7 (Windows Server 2008):
Step 1 Open the Server Manager console (Start > All Programs > Administrative Tools > Server Manager).
Step 2 In the Role View, select IIS Manager (Server Manager > Roles > Web Server > IIS Manager).
Step 3 Double-click Server Certificates.
Step 4 In the Actions pane on the right, click Create Certificate Request.
Step 5 (Important) In the “Common Name:” field, enter the Fully Qualified Domain Name (FQDN) of the DNS name which users will type into the address bar in their browser to reach your website (site.cisco.com NOT site). If you have a different physical hostname than what users will type into their browsers to get to your site, make sure to put in the name users will use.
Step 6 In the “Organization” field, type your organization name.
Step 7 In the “Organizational Unit” field, type the name of your organization and click Next.
Step 8 In the “City/locality” field, type the city where the server resides and click Next.
Step 9 In the “State/province” field, type the state where the server resides.
Step 10 In the “Country/Region” field, select US (United States) and click Next.
Step 11 Leave the CSP at the default value.
Step 12 For the “Bit Length”, select 2048.
Step 13 Enter (or Browse to) a filename to save the certificate request (CSR), click Finish.
Step 14 Copy and paste the entire contents of the CSR file you just saved.
The default save location is C:\.
Step 15 Provide the CSR file to your CA and wait for them to send a signed certificate back to you.
Installing the Public Root Certificate in IIS7 (Windows Server 2008):
Step 1 Double-click the Root CA certificate file and click Install Certificate.
Step 2 Click Next, place the radio button in Place all certificates in the following store and then click Browse.
Step 3 Place a check in Show Physical Stores .
Step 4 Expand the Trusted Root Certification Authorities folder, select the Local Computer folder, and click OK.
Step 5 Click Next and then Finish. You will receive the message: “The import was successful”.
Installing the Intermediate CA certificate (if applicable):
Step 1 Double-click the Intermediate CA certificate file and click Install Certificate.
Step 2 Click Next, place the radio button in Place all certificates in the following store and then click Browse.
Step 3 Place a check in Show Physical Stores.
Step 4 Expand the Intermediate Certification Authorities folder, select the Local Computer folder, and click OK.
Step 5 Click Next and then Finish. You will receive the message: “The import was successful”.
Installing your SSL server certificate:
Step 1 In the IIS Manager console, go to the Server Certificates action pane, and click Complete Certificate Request. The Complete Certificate Request Wizard appears.
Step 2 Browse to the location where you saved your SSL server certificate, select it, then click Open.
Step 3 Enter a friendly name for your certificate (use the certificate's hostname if you're unsure). Then click OK.
At this point SSL is available for TMSXE. You will still need to configure the TMSXE or individual directories to use SSL.Select your IIS Site.
Step 4 In the action pane on the right, under Edit Site, click Bindings.
Step 5 Click the Add button.
Step 6 In the Type menu, select https.
Step 7 In the SSL certificate menu, select your SSL certificate.
Step 8 Click OK.