Configuring and updating an SSL Certificate in IIS Manager
Who is this article for?
Users for On-prem customers who wanted to update SSL certificate
IT/admin team who have access to the application server.
This article will walk you through on how to install SSL certificate if the existing one is expired
1. Steps to Import and Bind a New SSL Certificate in IIS
This guide explains how to update an SSL certificate in IIS. Follow these steps to import the new certificate and bind it to your website securely.
1.1. Obtain the New SSL Certificate
Before updating the SSL certificate in IIS, you must have the new SSL certificate file provided by Trusted Certificate Authority (CA). If you haven’t yet requested a new certificate, follow the process through your CA
1.2. Import the New SSL Certificate
Open IIS Manager.
In IIS Manager, in the Connections pane on the left side, click on the server node and select Server Certificates under the IIS section.
In the Actions pane on the right, click Import.
In the Import Certificate dialog:
Browse to the location where your new SSL certificate file is stored.
Select the certificate file (typically
.pfxif it includes the private key).Enter the password if prompted (this would be the password set when the certificate was generated).
Choose the appropriate certificate store (usually the personal store is fine).
Click OK to import the certificate.
1.3. Bind the SSL Certificate to Your Site
In the Connections pane, expand the Sites section, then select the default website to update the SSL certificate.
Right click on Default website, click on Edit Bindings... to open the Site Bindings window.
In the Site Bindings window, find the
httpsbinding (this is for secure SSL traffic). If you don’t seehttps, click Add to create a new binding for port 443.Select the
httpsbinding and click Edit.In the Edit Site Binding window:
For SSL certificate, select the new SSL certificate from the drop-down list.
Click OK to save your changes.
2. Finalizing SSL Certificate Update in IIS
The following steps will help you confirm whether the SSL certificate has been successfully updated and applied in IIS.
2.1. Restart IIS Services (Optional)
It’s a good practice to restart IIS to ensure the new SSL certificate is properly applied across all services. You can do this from IIS Manager:
In the Actions pane on the right side of the IIS Manager window, click on Restart under the server's name.
2.2. Verify the SSL Certificate
Open a web browser and navigate to your website using
https://.Click on the padlock icon in the address bar to view the certificate details.
Verify that the certificate has been updated and that it’s valid. Check the Issuer, Expiration Date, and ensure the Chain of Trust is complete.