HTTPS and X509 certificates in .NET Part 3: how to install certificates and use them with IIS


In the previous post we looked at the command line tools makecert and pvk2pfx. We saw how they could be used to create a root and a derived certificate and to package the private key and certificate files.

In this post we will install the certificates in the Windows certificate store so that they are trusted by IIS. We’ll also see how to tell IIS to use a specific SSL certificate.

certmgr and MMC snap-in

The c:\windows\system32 folder includes two GUI tools for certificate management: certmgr.msc and mmc.exe. Of the two, mmc.exe is the more general tool, into which you can import so-called snap-ins. Certificates have their own snap-in.

Run mmc.exe as an administrator. The following empty window will open:

HTTPS and X509 certificates in .NET Part 2: creating self-signed certificates


In the previous post we looked at TLS and certificates in general. We saw what makes up an SSL certificate and how browsers use it to verify the identity of the server and to decrypt/encrypt the communication.

In this post we’ll look at a tool called makecert.exe.

Before we actually continue there are some other important terms that we need to investigate.

HTTPS and X509 certificates in .NET Part 1: introduction


HTTPS, SSL, TLS – these terms are used interchangeably to denote secure communication between a web client and a web server. Secure HTTP communication generally must ensure all of the following:

  • The data sent by the client to the server shouldn’t be tampered with by a third party in between – at least not without the server noticing it
  • The secured data sent by the client should not be easily deciphered by a third party
  • The client must be sure that the web server is really the one it claims to be, i.e. that it belongs to and not some bogus site claiming to be
  • An attacker should not be able to take the client’s input and resend it to the server multiple times

