In order to develop a web application that requires secure base URL for users on HTTPS such as Facebook application, testing cookies across HTTP and HTTPS, etc; we will need to install a Free SSL Certificate just for testing on development environment.
On Windows Server 2008, IIS 7, we can easily create a Self-Signed Certificate SSL Certificate then bind your website to that SSL Certificate. Meaning we have free SSL Certificates; no cost, no sign up, no commitment.
However, please keep in mind that a Self-Signed Certificate is a certificate that is signed by itself instead a trusted third party. Because of this, Self-Signed Certificate can be used ONLY for testing purpose or just on development server.
This tutorial describes steps to create a Self-Signed Certificate and bind the Self-Signed Certificate to your website.
1. Creating Self-Signed Certificate in Windows IIS 7
1. Open Internet Information Services (IIS) Manager (Start => Control Panel => Administrator Tools => Internet Information Services (IIS) Manager).
2. Click on Server Name on the left then double click on Server Certificates icon.
3. Click on Create Self-Signed Certificate…
4. Specify a friendly name for the certificate. For example: SSL Certificate For ssl.4rapiddev.com. After that, click OK button.
5. The SSL Certificate you’ve just created will be displayed in the list similar to below:
2. Binding Self-Signed Certificate SSL Certificate To Website
1. Click on the website you would like to set up SSL Certificate on the left then click on Binding… on the right.
2. On the Site Bindings box, click Add… button.
3. On the Add Site Binding box, change Type to https, select a SSL Certificate for this website; SSL Certificate For ssl.4rapiddev.com for this example. By default, https will utilize port 443 but we may need to change to another port such as 8443.
After that, click OK button to finish this step.
4. Testing Self-Signed Certificate SSL Certificate
Open a browser and try with the HTTPS url such as: https://ssl.4rapiddev.com:8443/. You will receive an un trsuted error message like these: “There is a problem with this website’s security certificate.” – Internet Explorer, “This Connection is Untrusted” – Firefox or “The site’s security certificate is not trusted!” – Google Chrome.
Simply confirm the risk and you’ve done. Now you can develop your web application with SSL Certificate and run it on HTTPS without pay 🙂