Creating a Certificate Trust List on Your Server
Updated: August 22, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
You can use the Certificate Trust List Wizard to create CTLs and to add new root certificates to your CTLs. By default, IIS installs the most commonly used CA root certificates.
|You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".|
In IIS Manager, expand the local computer, and then expand the Web Sites folder.
Note CTLs can be applied only at the Web site level, not at the virtual directory or file level. CTLs are not available on FTP sites.
Right-click the Web site that you want, and then click Properties.
On the Directory Security tab, under Secure Communications, click Edit.
In the Secure Communications box, select the Enable certificate trust list check box, and then click New.
Follow the steps in the Certificate Trust List Wizard, which will guide you through the process of creating a CTL.
For general information about certificates, see SSL and Certificates.