DEV Community

Ken Darling
Ken Darling

Posted on

blazer server on IIS

I need some help trying to set up blazer server side up on my IIS, which I have done. It’s going to be an intranet page, I can access it but I get the this site is not secure and have to click the go to this page anyway. What do you have to do?

Top comments (3)

Collapse
 
zez9787 profile image
Zach Zollner

Sorry for the late reply. Hopefully you've gotten some help since posting.

Do you have an SSL cert for the intranet site? That's why you're getting the error. If you don't have one, you can either generate a self signed cert or since it's only an intranet page, you can just use http instead of https.

Collapse
 
guruguy00 profile image
Ken Darling

I am still working it out. I am new to web dev, I thought that I had managed to use http, but some users are still getting the warning. I do not believe I have a SSL cert, any resources on where I can go to figure out how/where to create an SSL Cert? and what to do with it once I have it.

Collapse
 
zez9787 profile image
Zach Zollner

sslshopper.com/article-how-to-crea...

That's a pretty long explanation of how to properly create a self signed cert. You can also do it through PowerShell with the below command if you're comfortable with that. Run the command on your web server. The below cert will last for 10 years which isn't that secure but it's what I've done for internal applications in the past.

New-SelfSignedCertificate -Subject "CN=IntranetApplications"
-DnsName [Name of application here] -CertStoreLocation cert:\localmachine\my -NotAfter (Get-Date).AddYears(10)

Once the cert has been generated, you can export it by opening the cert manager on the server and right clicking the cert All Tasks -> Export. Say yes to export the private key and give it a password.

Once the cert is exported, you can deploy it to all machines on your network through group policy or you can import it manually on each machine. That part is up to you. If you decide to deploy through group policy, import the policy into Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Public Key Policies -> Trusted Root Certification Authorities.

Hopefully that makes sense.