Certify The Web: Easily Generate Let’s Encrypt Certificates for IIS

In this tutorial, I will tell you how to easily generate Let’s Encrypt certificates for IIS with Certify The Web software.

I have already covered the topic of Let’s Encrypt certificates on IIS in Installing a Let’s Encrypt certificate on IIS and this one Let’s encrypt generate a PFX with IIS to generate pfx.

With Certify The Web, the generation and renewal of Let’s Encrypt certificates becomes as easy as on Linux with Certbot.

Introducing Certify The Web

Certify The Web is an application available for Windows, which allows you to manage and generate Let’s Encrypt SSL certificates.

Certify The Web is a “graphical interface” for Let’s Encrypt

Summary of features:

  • Support for several certification authorities: Let’s Encrypt, Buypass Go SSL, Digicert …
  • Supports multiple web servers: IIS, Apache, Nginx
  • Automatic certificate deployment (Exchange, Remote Desktop, etc.)
  • Automatic renewal
  • ….

Complete list of features of Certify The Web.

Certify The Web - GUI

Prerequisite

Before starting, download the latest version available on the site: Certify Your Windows IIS Website – simple free certificates powered by Let’s Encrypt (certifytheweb.com)

In order to be able to generate the certificate (s), the Host name 1 field must be configured on the IIS sites.

IIS site configuration

Installing Certify The Web

Run the setup file that was uploaded to the web server (IIS).

Certify The Web Installer

When launching the Certify The Web installation wizard, accept the license agreement 1 and click on Next 2.

Accept license

If necessary, modify the installation path 1 then click on the Next 2 button.

Destination location

Proceed by clicking on Next 1, creating the folder in the Start menu.

Confirm the installation of Certify The Web, by clicking on the Install button 1.

Confirm install Certify The Wen

Wait during installation …

Wait during install

Once the installation is complete, click on the Finish 1 button, if the Run Application box is checked, Certify The Web opens after closing the wizard.

Wait while Certy The Web launches …

The installation wizard normally places a shortcut on the desktop.

Generate a Let’s Encrypt certificate with Certify The Web and IIS

Now that the software is installed, we will see how to create a Let’s Encrypt certificate, but first, it is necessary to configure an e-mail address.

Setting up an account for Let’s Encrypt

From CertifyThe Web, click on the New Certificate 1 button.

Certify The Web - GUI - Home

An information message is displayed, indicating that a contact must be created, click on OK 1.

Select the certification authority 1, here Let’s Encrypt, indicate a contact email address 2 and click on the Register Contact 3 button.

We will now be able to proceed to the generation of a Let’s Encrypt certificate for an IIS site.

Generate a Let’s Encrypt certificate

Back to the Certify The Web home window, click again on the New Certificate 1 button.

Create a new certificate Let's Encrypt

The first step will be to select the site 1 from the drop-down list.

Select site

Once the site has been selected, the information for the domain (s) is displayed 1, during the first generation of a certificate for a domain or a site, I recommend doing a test before, for that click on the Test button 2.

Wait while Certify The Web runs the Test …

The test is finished and everything is good, we can generate the certificate. Close the test result by clicking on the arrow 1.

To generate the certificate, click on the Request Certicate 1 button.

Wait while the Let’s Encrypt certificate is generated by Certify The Web …

The certificate has been generated, click on Managed Certificates to return to the previous view.

In the list of sites on the left, we can now see a green dot next to the name which means that an SSL certificate is installed, we can also under the name, the time in days before expiration.

If we look in the IIS console, the site is now accessible in HTTPS with the Let’s Encrypt certificate.

IIS - Let's Encrypt

Complements

Renewal of certificates

By default, certificate renewal is automatically activated and occurs every 30 days. The renewal part is configurable by going to Settings 1, you normally arrive directly on the configuration of the renewal part.

It is possible to disable the automatic renewal for a site, by going to Advanced 1, General Options 2 and you must uncheck the Enable Auto Renewal 3 box. Think about saving.

View certificate information

To display the certificate information, click on Status 1, from there, some information is available such as the creation / renewal date, the expiration date and the next renewal date.

Export the certificate in PFX format

Let’s Encrypt certificates generated with Certify The Web can be exported in PFX formats with their private key, which is useful if you need to install it on another web server such as in the case of a DAG with Exchange where it is necessary to ” have a certificate in PFX format with the private key.

I won’t go into detail on how to export a certificate here.

From the Certificate Management MMC in the personal store, we can see that the certificate has the private key icon 1.

When exporting, choose Yes, export the private key.

Select the PFX format.

Then enter the certificate protection password

Then continue to follow the wizard to export the certificate.

Conclusion

Certify The Web is a practical software that automates the management of certificates (Let’s Encrypt) on Windows with a graphical interface. It allows management as easy as under Linux with Certbot, in particular for automatic renewal.




Leave a Comment