How to install a Thawte SSL123 certificate in Microsoft IIS 7.0

Solution ID:    SO10664    Updated:    09/18/2015


Install a Thawte SSL123 certificate in Microsoft IIS 7.0


Thawte now offers the Symantec SSL Assistant to make it easy to generate a CSR and install a certificate for Microsoft IIS 7.0 servers running .NET 2.0 or higher. As an independent subsidiary of Symantec, Thawte offers Symantec SSL Assistant as a benefit of our corporate relationship.

Watch Thawte's Tutorial Videos for a more visual experience!

Note:  If you are unable to view the video, please click here to go directly to the video source.

To install a Thawte SSL123 Certificate on Microsoft IIS 7.0, follow the instructions below:
Thawte Reseller customers
Download your certificate in PKCS#7 format

Step 1 : Download your Thawte certificate

  1. You will receive an email when your certificate is issued.
  2. Download your certificate
  3. Select the 'PKCS#7' format option and click Pick Up certificate
  4. Copy and Paste your Thawte certificate to Notepad and save as a certificate.p7b

Step 2 : Install SSL certificate

  1. Click Start > Administrative Tools > Internet Information Services (IIS) Manager
  2. From the left menu, click the corresponding server name
  3. In the Features pane (middle pane), under Security, double-click Server Certificates

  4. From the Actions pane (right pane), select Complete Certificate Request

  5. Provide the location of the certificate file and the friendly name
    Note: Friendly name is a reference name for quick identification of the certificate for the Administrator
  6. If you get this error "CertEnroll::CX509Enrollment::p_InstallResponse: ASN1 bad tag value met. 0x8009310b" or similar, complete these steps

Step 3 : Add an HTTPS binding to a Web site
For IIS7, you need to bind the HTTPS protocol to a Web site then assigning the install certificate

  1. Click Start > Administrative Tools > Internet Information Services (IIS) Manager
  2. Browse to your server name > Sites > Your SSL-based site
  3. In the Actions pane, click Bindings.

  4. In the Site Bindings window, If there is no existing https binding, choose Add
    Note: if there is already a https binding, select it and click Edit

  5. From the Add Site Bindings window, provide the binding type

  6. Select the SSL certificate that will be used for this site
  7. Click OK

Step 4 : Verify certificate installation

  1. Stop and start your Web server prior to any testing
    Note: In some cases the changes may not take place after restarting IIS Services and a re-boot is needed.
  2. Verify the SSL certificate installation


Thawte has made efforts to ensure the accuracy and completeness of the information in this document. However, Thawte makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. Thawte assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document. Further, Thawte assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. Thawte reserves the right to make changes to any information herein without further notice.  

Knowledge Center

Search Tips