IIS 7.0 SSL using Self-Signed Certificates

While developing a website for a friend of mine he recommended me to use SSL since he was expecting sensitive information being POST. So we were brainstorming various options like buying an authenticate SSL (Verisign) or using OpenSSL to generate a personal SSL, but we ended upon using IIS 7 feature of Self-Signed Certificate. I have got to admit the fact that IIS 7 feature list is definite a giant-leap for quick web development and deployment! Anyways, following are some simple steps to create SSL using IIS 7:

1) Certificates are managed in IIS 7 by clicking the root machine node, and then selecting the "Server Certificates" icon in the feature pane.

2) Double click the "Server Certificate" or click "Open Feature" and click the "Create Self-Signed Certificate" link on the right-hand side of the admin tool and in the new Certificate interface type in a name of your new SSL certificate.

3)To enable SSL on your web-site, select the website node and click the "Bindings" link in the "actions" pane on the right-hand side of the screen and click the "Add" button. In the "add binding" dialog we add the HTTPS protocol support. We can select the self-signed certificate we created earlier from the SSL certificate dropdownlist.

4)To test if the SSL is working, open your website (IE/firefox) and you should be prompted with "Security Certificate" warning message. I guess this is some sort of Anti-phishing check. Remember to use "https" and not "http"
On Internet Explorer:

On Firefox:

5) You can view your SSL certificate on lower right corner of you browser.


SSL on IIS 7 is as simple as above. GO MICROSOFT!!