Installing SSL Certificates

OrgChart Now - SSL Configuration Instructions

Intended Audience

Certain OrgChart Now customers choose to install OrgChart Now as an on premise solution. This document is not relevant to customer using the cloud service.

Introduction:

This document details how to set up HTTPS on your OrgChart Now Server. This document is recommended for someone who is already has some experience with Windows Server 2012.

Before you begin

  1. Make sure OrgChart Now is fully installed on your server (See OrgChart Now – Server Setup Guide)
  2. Work with you system administrator (or directly with a SSL Certificate Vendor – for example, godaddy.com) to obtain an SSL certificate.

Note: You can either use a wildcard certificate or a standard certificate. See - https://support.godaddy.com/help/article/567/what-is-a-wildcard-ssl-certificate for more information on wildcard certificates.

Remote Login

From your computer, Remote Login to your Server

IMPORTANT: EACH SSL CERTIFICATE VENDOR USES A SLIGHTLY DIFFERENT APPROACH FOR GENERATING CERTIFICATES. THE INSTRUCTIONS BELOW DESCRIBE A COMMON SCENARIO. WORK WITH YOUR SYSTEM ADMINISTRATOR TO DETERMINE IF THE APPROACH BELOW WILL WORK IN YOUR ENVIRONMENT.

Wildcard Certificates

If you are using a wildcard certificate, you can use the standard procedure ONLY if this your first usage of the certificate. If the wildcard certificate has already been used on another server, complete steps in Appendix A and Appendix B and then skip to the ‘Bind the Certificate’ section.

Install an Intermediate Certificate in Microsoft IIS

4. Copy your certificates (supplied when you purchased an SSL certificate) to the OCNKeys folder (there should be two certificates – an intermediate certificate and security certificate)
5. Use the following instructions to install the intermediate key.

https://support.godaddy.com/help/article/4801/installing-an-ssl-certificate-in-microsoft-iis-7 (only complete the section To Install an Intermediate Certificate in Microsoft IIS 7)


Install an SSL Certificate in Microsoft IIS

6. Click Start, mouse-over Administrative Tools, and then click Internet Services Manager.
7. In the Internet Information Services (IIS) Manager window, select your server.
8. Double-click on ‘Server Certificates’.
9. From the Actions panel on the right, click Complete Certificate Request….
10. To locate your certificate file, click …. (in the OCNKeys folder)
11. In the Open window, select *.* as your file name extension, select your certificate (it might be saved as a .txt, .cer, or .crt), and then click Open.
12. In the Complete Certificate Request window, enter a Friendly name for the certificate file (e.g. OrgChartNowSSL).
13. For the certificate store, select ‘Personal’ unless otherwise instructed by your system administrator.
14. Click OK.

Bind the Certificate

15. Select the ‘OrgChartNow’ Site in IIS Manager (Under Sites in the Connections panel)
16. In the Actions panel on the right, click Bindings….
17. Remove the existing ‘http’ binding.
18. Click Add…
19. For Type, select https.
20. For IP address, select All Unassigned, or the IP address of the site.
a. For Port, type 443.
b. For SSL Certificate, select the SSL certificate you just installed, and then click OK.
21. Close the Site Bindings window.
22. Close the Internet Information Services (IIS) Manager window. Your SSL certificate installation is complete.

Setup Redirect Folder

The redirect folder will be used to redirect http requests to https requests. Replace [your server address] with the DNS name for your server.

23. Create a folder on your C: drive called ‘Redirect’
24. Create a file called ‘Default.htm’ in the ‘Redirect’ folder

<html>
<head>
<meta http-equiv="refresh" content="0;url=https://[your server address]" />
</head>
<body>
</body>
</html>


Setup Redirect Folder

25. If ‘Server Manager’ is not already running, launch it.
26. Click on the ‘Tools’ menu
27. Select ‘Internet Information Services’
28. Expand the icon for your server (triangle to the left of your server name – on the left)
29. Expand ’Sites’
30. Right Click on ‘Sites’ and select ‘Add Website’
31. Select ‘Add WebSite…’ (Right Click on Sites)
a. Set Site name to Redirect
b. Set Physical Path to - ‘C:\Redirect’
c. Click ‘OK’

Bind the Redirect Site

32. Select the ‘Redirect’ Site in IIS Manager (Under Sites in the Connections panel)
33. In the Actions panel on the right, click Bindings….
34. Remove the existing ‘http’ binding.
35. Click Add…
36. For Type, select http.
37. Set host name to your host name (e.g. orgchartnow.mycompany.com)
38. Click OK
39. Launch an Internet Browser and test if you can access your site with http and https


Appendix A: Exporting a Wildcard Certificate

Note: You may have to ask your system administrator to perform this task.

  1. Logon to a server where the wildcard certificate has already been used.
  2. In the Internet Information Services (IIS) Manager window, select your server.
  3. Double-click on ‘Server Certificates’
  4. Select your wildcard certificate
  5. Click on Export…
    1. Save the exported certificate as a *.pfx file
    2. Set a password
  6. Move the pfx file to the OCNKeys folder on your OrgChart Now server

Appendix B: Importing an SSL Certificate

  1. Click Start, mouse-over Administrative Tools, and then click Internet Services Manager.
  2. In the Internet Information Services (IIS) Manager window, select your server.
  3. Double-click on ‘Server Certificates’.
  4. From the Actions panel on the right, click Import….
  5. Click … .Locate your certificate file (usually in the OCNKeys folder)
  6. Enter password (See Appendix A) and then click OK
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License