Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

Creating a Certificate Trust List on Your Server

Updated: August 22, 2005

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1

You can use the Certificate Trust List Wizard to create CTLs and to add new root certificates to your CTLs. By default, IIS installs the most commonly used CA root certificates.

You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".


To create a certificate trust list on your server
  1. In IIS Manager, expand the local computer, and then expand the Web Sites folder.

    CTLs can be applied only at the Web site level, not at the virtual directory or file level. CTLs are not available on FTP sites.

  2. Right-click the Web site that you want, and then click Properties.

  3. On the Directory Security tab, under Secure Communications, click Edit.

    The Edit button is enabled only if a server certificate has been installed on the site. For information about obtaining and installing a server certificate, see Obtaining Server Certificates and Installing Server Certificates.

  4. In the Secure Communications box, select the Enable certificate trust list check box, and then click New.

  5. Follow the steps in the Certificate Trust List Wizard, which will guide you through the process of creating a CTL.

Related Information

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2015 Microsoft