Let’s Encrypt is a certificate authority (CA) provides free SSL certificates for websites. You can issue certificates for any domain name. This tutorial will help you issue Let’s Encrypt SSL certificate on Windows system and configure on IIS.
Useful tutorials:
- How to Install IIS on Windows
- How to Create Site in IIS via command line
- How to Redirect HTTP to HTTPS in IIS
Download Win-ACME Tool
First of all, download the latest Windows ACME Simple (WACS) application. This can be downloaded from the official github releases page. Use the below link to visit download page:
https://github.com/win-acme/win-acme/releases,
At the time of writing this post, the downloaded archive is win-acme.v2.0.3.206.zip.
Create A New SSL Certificate
After downloading the archive file, extract it on local filesystem. Then switch to the extracted directory and Run wacs.exe as an administrator. The administrator privileges required to access and modify IIS settings.
It will open a terminal window and show you the multiple options on screen. Select Create new certificate (siimple for IIS) by pressing “N’.
This will show you the sites configured in IIS. Choose one or multiple sites with command seprated numbers to issue SSL certificate.
Select 1 for how do you want to pick the bindings and press enter.
Then Just press enter for Include bindings:
Accept the terms by enter “yes” and press enter to continue. Let’s encrypt will initiate domain authorization process over http. Once the autorization complete successfully, the SSL certificate is issued.
This will also associate SSL certificate with site bindings in IIS.
Test Certificate and Binding
Open the website over https in a web browser. You will see a valid SSL certificate in browser. You can also verify SSL with ssllabs free tool. This will also scan for security settings on your server.
You can also edit the site bindings to view if SSL is properly configured.