Obtain a Server Certificate for an NLB Cluster
Updated: August 22, 2005
Applies To: Windows Server 2003, Windows Server 2003 with SP1
You can use the Web Server Certificate Wizard to obtain a server certificate to be used with all Web servers in a Network Load Balancing (NLB) cluster. To ensure that the name on the certificate matches the name of the server, specify the virtual name of the NLB cluster as the common name on the certificate. After you receive the server certificate, install it on all machines in the NLB cluster.
Credentials: Membership in the Administrators group on the local computer.
Tools: Iis.msc, Web Server Certificate Wizard.
As a security best practice, log on to your computer using an account that is not in the Administrators group, and then use the Run as command to run IIS Manager as an administrator. At the command prompt, type runas /user:administrative_accountname “mmc %systemroot%\system32\inetsrv\iis.msc”.
In IIS Manager, double-click the local computer, and then double-click the Web Sites folder.
Right-click the Web site for which you want to obtain a certificate, and then click Properties.
On the Directory Security or File Security tab, under Secure communications, click Server Certificate.
In the Web Server Certificate Wizard, click Create a new certificate.
Follow the steps in the Web Server Certificate Wizard. On the Your Site’s Common Name page, type the virtual name of the NLB cluster in the Common name box, and then click Next to continue following the steps in the wizard.
By default, the certificate request file is saved as C:\Certreq.txt, but the wizard allows you to specify a different location.