This article demonstrates how to import a certificate to IIS on your Windows Server 2012 R2 (the instructions are the same on Windows Server 2016), and how to bind that certificate to your WeSuite sites in IIS. This includes WeSuite API, WeOpportunity, DocuSign,SiteSurvey.
Assuming you have allowed your server to communicate through port 443 on your firewall, and you have set up an A or CNAME record pointing to your server in your DNS hosting records, you will successfully be able to reach your WeSuite site on the Internet at the conclusion of this article.
- This article assumes you have already completed and have several things:
- You are using Windows Server 2012 R2 or Windows Server 2016
- WeSuite has been installed on your server
- IIS has been installed
- You’ve purchased your own SSL certificate and public domain name to which the certificate corresponds from the vendor of your choice. See e.g. https://www.digicert.com/ssl-certificate/ for steps on purchasing your own certificate (a possible SSL certificate vendor) or GoDaddy for instructions on creating a certificate request for your server.
- You’ve setup your host record in DNS – e.g. sales.yourcompanydomain.com to your WAN IP or cname to your host name and created firewall rules forwarding port 443 to the Server LAN ip address. You may also wish to enable http access over port 80 and redirect http to https to make it easier for users.
- Open up Server Manager
- In the top-right, click Tools, then click Internet Information Services (IIS) Manager
- Click on your server in the left pane
- Double-click on Server Certificates
- Click Import in the Actions pane on the right
- Browse to your certificate file. Provide password if necessary. Use the Personal certificate store. Click OK.
- You should now see your imported certificate under Server Certificates
- Expand the left pane so that you have the view below. Click on Wanpath.WebClient in the left pane.
- In the Actions pane on the right, click on Bindings
- Click Add. Do not delete the binding to existing port.
- Complete the fields. Select https as the type. Select All Unassigned for the IP address. Port 443 will be entered automatically. Input the hostname corresponding to the SSL Certificate’s fully-qualified domain name. Select your recently-imported SSL certificate for SSL certificate. Click OK.
- Your certificate is now bound to port 443. In order to browse to your site, in this case https://fs.mwdqa.com, a correct CNAME or A record must be set in your hosting provider’s DNS records and incoming firewall/port forwarding rules must exist to allow access from the internet (including and Windows Server firewall rules on the MWD Server).