How to create a SSL certificate with custom domain name for use in IIS7 web sites

IIS7 supports creating self-signed certificates. This is done from the root web server folder, under the "Server Certificates" icon. The feature works well as long as you are using your computer’s name as the domain name of the web site, e.g. http://mycomputer/.

A problem arises if you want to use a different domain name for your development and testing purposes. I have created additional local DNS mappings in the C:\Windows\System32\Drivers\etc\hosts file, such as "127.0.0.1 dev.langlo.no". When I try to go to a page using this domain and the HTTPS protocol (e.g. https://dev.langlo.no/login.aspx), I get a warning that the certificate is for a different domain (the local computer name domain). It’s possible to get past the warning and use the SSL tunnel on the site, but if you are running a web application under partial trust (for instance a WPF XBAP), then this warning causes your application to refuse to accept the SSL connection.

The solution to this problem is to create a self-signed certificate that is issued to your specific domain (e.g. dev.langlo.no). Unfortunately I don’t know how to do this from within the IIS Manager UI.

After many hours of research today I finally found out how to this. Here’s the solution

Open a Visual Studio command prompt (has yellow font color on my machine) and run the following two commands (note, you have to "Run As Administrator"):

makecert.exe -n "CN=Koda Root CA,O=Koda Software,OU=R&D,L=Salt Lake City,S=UT,C=US" -pe -ss Root -sr LocalMachine -sky exchange -m 96 -a sha1 -len 2048 -r

makecert.exe -n "CN=dev.langlo.no" -pe -ss My -sr LocalMachine -sky exchange -m 96 -in "Koda Root CA" -is Root -ir LocalMachine -a sha1 -eku 1.3.6.1.5.5.7.3.1

You want of course to replace my identifiers with yours:

"Koda Root CA" – this is the name of your Root Certificate Authority

"O=Koda Software,OU=R&D,L=Salt Lake City,S=UT,C=US" – company data, optional

"dev.langlo.no" – this the domain you need the SSL protocol to run within

Just for completeness sake, I’m running Windows Vista Ultimate, SP1 and Visual Studio 2008 Professional.

Hope this helps!

Atlas References

After attending the Microsoft PDC conference in September I decided to take a closer look at the Atlas framework for my web development. I haven’t had a chance to do so yet, but since there’s some much interest in AJAX development right now, I thought I’d take a minute and add the Atlas references that I have collected:

 

Atlas home page – Community Site for the ASP.NET Atlas technology

 

Start.com Developer Center – writing gadgets for for  Start.com (and Live.com?)

 

Microsoft Gadgets – Gadgets will be used in the Windows Vista Sidebar, on Start.com, on Live.com

 

Some interesting blog entries:

 

MSJawahar, Atlas Behaviors – enabling "auto complete" using Atlas as a declarative code model

 

ScottGu’s Blog, Atlas Project – Atlas project description

 

nikhilk.net, ASP.NET/Atlas – Several Atlas related articles from Nikhil Kothari (Web Platform and Tools architect for Microsoft)

 

Imran Qureshi, Windows Live Mail – the next version of Hotmail, using Atlas. The article references "So why is Kahuna different" which again references a bunch of other links on Kahuna aka Hotmail "next" aka Windows Live Mail.

 

So there you have it. Everything you need to start doing AJAX development, the Microsoft way.