You are here
SSL Certificate Windows Server 

How to add “Letsencrypt” free SSL in IIS server updated in Aug 2020

Arjun JS , , , , ,

Letsencrypt is a free SSL Service provided by a group of an internet organization. It is a free, automated, and open certificate authority (CA), run for the public’s benefit. 

Letsencrypt is a certificate authority which provides free SSL certificates with 90-days lifetime. The idea behind this innovation is to improve and simplify the process of SSL installation and make the Internet a safer place by providing certificates at no cost. While there are two main functions of SSL – encryption, and validation, Let’s encrypt is aimed at encryption only.

Steps to follow:

To Add SSL Certificate for free in your Windows Server, First map your domain to application in IIS.
Next, Download an opensource app called win-acme from GitHub Repo by clicking here. it is a simple ACME client for Windows – for use with Let’s Encrypt. (Formerly known as lets encrypt-win-simple (LEWS))

After Downloading unpacks the application Zip and runs ‘ wacs.exe ‘ or ‘letscrypt.exe’ in administrator mode. The next steps are very simple because the application only lists all the steps you want to perform.

  • select N in the main menu to create a new certificate with default settings.
  • select how you want to determine the domain name(s) that you want to include in the certificate. This can be derived from the bindings of an IIS site, or you can input them manually.
  • A registration is created with the ACME server if no existing one can be found. You will be asked to agree to its terms of service and to provide an email address that the administrators can use to contact you.
  • The program negotiates with the ACME server to try and prove your ownership of the domain(s) that you want to create the certificate for. By default, the HTTP validation mode is picked, handled by our self-hosting plugin. Getting validation right is often the most tricky part of getting an ACME certificate. If there are problems please check out some common issues.
  • After the proof has been provided, the program gets the new certificate from the ACME server and updates or creates IIS bindings as required, according to the logic documented here.
  • The program remembers all choices that you made while creating the certificate and applies them for each subsequent renewal.
Also Read:  How to host SignalR with SSL/https or adding new port to SSL

Based on domain listing select the domain name to which you want to add SSL certificate.
Note: If you are Running this application for first time application will ask some details like Email-ID, company name, location renewal notification etc..

At last after you complete these steps it will directly connect with letsencrypt and provide you the certificate. Not only that it even assigns and maps HTTPS routing in IIS for you by itself. So no need to worry about that.

Want to import Certificate after install?

If you want the installed certificate .key and .crt then you can import it as well to use it other than IIS app for example for nodeJS server, etc. For that, you can follow this article – How to add an SSL certificate in node server for webRTC app

Related posts