Certificate for my domain on Windows 2016 and IIS


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: digitalanand.com

I ran this command:

It produced this output:

My web server is (include version): IIS

The operating system my web server runs on is (include version): Windows 2016

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): I am using win-acme.v2.0.4.227

Hello guys, sorry I am new to certification. Basically my requirement is, I have several project running on above domain and these projects are running as subdomain, also this is hosted on different servers, all of them are on IIS. So how can I generate one certificate which I can use between multiple servers? Once this is done, every 90 days do I have to reinstall new certificate on all servers or renewal from one of the server will renew on all projects?

Thanks,
Pat.


#2

Hi @patv2learn

you can create max. 50 certificates per week per domain.

And you can create one certificate with max. 100 different domain names. Or you use a wildcard certificate.

What’s the best? I don’t know. You can create one certificate and deploy it. Or every server has it’s own client and creates a certificate with a subdomain name.

A wildcard certificate requires dns-01 validation, so you have to create a dns TXT entry. Amazing, if your DNS-provider supports an API. Terrible, if you have to do that manual.

Yep, Letsencrypt certificates are 90 days valid. So you should have an automation to renew the certificates.


#3

Thanks for the details Jergen. Numbers you gave me are more than enough for me and most of my app will be running as sub-domain.

Can you please lead me to the document / article about this? I mean how to get generate / use this certificate. I will be using Windows 2016 Server with IIS.

Thanks.


#4

Check the basics:

Then select a client: