« Previous Next »

• 07-30-2004, 11:02 AM

  akahara Joined on 11-15-2002, 1:15 PM Posts 0

  Using SelfSSL Reply Contact Here are some tips & lesssons learned I've experienced from real-world useage of SelfSSL: here is the correct syntax for assigning the cert to a web site: selfssl /N:cn=dev.yourdomain.com /V:3650 /S:123456789 If you omit the :cn after the /N:cn= (i.e /N:dev.yourdomain.com), it throws an error...took me a minute to figure this out. The /V: is the validity of the certificate in days. So, for dev, I went 10 years. The /S: is the site ID in IIS6. This is found in the metabase, or in the IIS manager. Lastly, I had some port conflicts when I installed certificates on all my sites. For some reason, they were all trying to use the same certificate, even though I specified different site IDs in SelfSSL. Anyhow, this was fixed simply by going to "Directory Security" > Server Certificate > [Wizard] > Replace Certificate, and selecting the correct certificates that SelfSSL had created. Hope this helps. Thanks, akahara

• 11-11-2004, 9:09 AM

  In reply to

  akahara Joined on 11-15-2002, 1:15 PM Posts 0

  Re: Using SelfSSL Reply Contact Just wanted to follow up on one point above.... The port conflict with SSL was due to one website listening for ALL IP addresses on 443. When you go to the properties of your website, under the websites tab, and click on "Advanced" next to the IP address field. In the "Advanced Website Configuration" dialog box, make sure that the SSL (lower half of the dialog box) is not set to listen to 443 for ALL IP addresses on your server. Then, you will have better luck using Self SSL with multiple sites running on your box. Thanks akahara

• 11-11-2004, 9:08 PM

  In reply to

  qbernard Joined on 03-26-2003, 2:12 AM Malaysia Posts 3,195	Re: Using SelfSSL Reply Contact Each SSL cert need to bind to unique IP / Ports. In the Advanced configuration section, 'default' - mean all IP address, if you have extra IP address, change it to the IP, if not, you can edit the port 443 to XXXX. hence 1 IP with 2 SSL ports. Cheers, Bernard Cheah

• 11-17-2004, 2:52 PM

  In reply to

  dpparekh Joined on 11-19-2002, 7:53 PM Chicago, IL Posts 2	Re: Using SelfSSL Reply Contact I am testing if the SELFSSL is 128 Bit security.. Dhaval parekh dpparekh@Hotmail.com

• 11-17-2004, 9:24 PM

  In reply to

  qbernard Joined on 03-26-2003, 2:12 AM Malaysia Posts 3,195	Re: Using SelfSSL Reply Contact Yes, it's 128bits Cheers, Bernard Cheah

• 06-01-2005, 9:03 AM

  In reply to

  stormblast Joined on 03-14-2005, 8:55 AM Germany Posts 0	Re: Using SelfSSL Reply Contact This tool is very nice. It took me just a couple of seconds to enable SSL! However, I'm curious if this is the right way for my Shopping Cart. Is it save enough using SelfSSL for that task? And for how many days should I set the validity of the certificate? Do I have to run SelfSSL every 7 days again if I set it to 7? Thanks.

• 06-01-2005, 8:19 PM

  In reply to

  qbernard Joined on 03-26-2003, 2:12 AM Malaysia Posts 3,195

  Re: Using SelfSSL Reply Contact SelfSSL is meant for development use only. If you going to have SSL cert with product use, get it from commercial CA, like Verisign, Thwate, etc.   Refer How To Enable SSL for All Customers Who Interact with Your Web Site in Internet Information Services http://support.microsoft.com/?id=298805 As for the validity, it's up to you. if you need longer time to test, use /v flag to set it. Cheers, Bernard Cheah