Configuring CCF to Use HTTPS (SSL) on IIS 6.0
The operation of CCF depends on interaction with Web services. A typical CCF environment is built on servers, clients, and networks, all of which are secure. You can use SSL to add another level of security to the Web sites.
|To use SSL successfully, the solutions integrator (SI) must obtain a valid server certificate signed by a trusted root authority.|
If obtaining a certificate is not feasible, you can use a certificate self-test tool called selfssl.exe. This tool is part of the IIS 6.0 Resource Kit available from Microsoft. You can use this tool to generate a self-signed, trusted certificate. The tool has its own command line.
To start the self-test tool
- On the Start menu, click All Programs, and then click IIS Resources.
- Type the following:
selfssl /T /N:CN=CCFIIS /k:2048 /v:9999 /s:3 /p: 8443
- /T – adds the self-signed certificate to the Trusted Certificates list. This tells the local browser to trust the self-signed certificate
- /N:CN<IisServer>= – specifies the common name of the certificate. If you do not specify a common name, then the tool uses the computer name. In the example, the machine name is CCFIIS; however, yours should be the machine name for your IIS server.
- /K:key size – specifies the key length. The default is 1024.
- /V: – specifies the number of days that the certificate will be valid. The default is 7.
- /S:site id – specifies the ID of the site. The default is 1.
- /P:port – specifies the SSL port. The default is 443.
- /Q – specifies quiet mode. If you specify quiet mode, you will not be prompted when SSL settings are overwritten.
|For security reasons, do not use of self-signed certificates for any purpose other than testing or development.|