...

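```powershell
# Set the expiry date ten years from today
$todaydt = Get-Date
$10years = $todaydt.AddYears(10)
# Create a wildcard self-signed certificate for the web server in the local machine certificate store
New-SelfSignedCertificate -DnsName *.YourServerNameHere.YourDomainNameHere.Local -NotAfter $10years -CertStoreLocation cert:\LocalMachine\...
```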

Open Microsoft Management Console (MMC) and add the Certificates snap-in for the local computer account. Copy the self-signed certificate created by PowerShell from the Personal > Certificates folder and paste it into the Trusted Root Certification Authorities > Certificates folder. This step ensures that the local machine trusts the certificate.

For the entire domain to recognize the certificate, we suggest using Active Directory Group Policy to deploy it. The steps below configure certificate deployment through Active Directory Group Policy:

  1. Log in to your Active Directory server using a domain administrator account

  2. Open the Group Policy Management Console

  3. Create a new GPO or use an existing one of your choice

  4. Right-click the desired Group Policy Object and select “Edit”

  5. Go to Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Public Key Policies

  6. Right-click Trusted Root Certification Authorities, and select “Import”

  7. In the Certificate Import Wizard click Next, and in the File to Import page, click Browse and navigate to where your certificate is saved, and double click it

  8. With the certificate listed in the “File name” field, click Next

  9. Accept the default option, Place all certificates in the following store (Trusted Root Certification Authorities), click Next, and then click Finish and OK

  10. Link the GPO to the OU of the systems you want the certificate installed onto

Note that you should only need one certificate per Web Server.
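A scripted equivalent of the MMC copy above that also produces the file to select in the Certificate Import Wizard, shown as an added example rather than part of the vendor's instructions. It assumes the certificate was created in the Personal store (Cert:\LocalMachine\My), that its subject is the first DNS name given to New-SelfSignedCertificate, and that the output path is a placeholder; run it in an elevated session on the web server.

```powershell
# Added example. Assumptions: the certificate is in the Personal store (Cert:\LocalMachine\My)
# and $cerPath is a hypothetical location for the exported file.
$dnsName = '*.YourServerNameHere.YourDomainNameHere.Local'   # same placeholder as the command above
$cerPath = 'C:\Temp\NorthScope-SelfSigned.cer'               # hypothetical output path

# Find the certificate by subject and refuse to continue on zero or several matches,
# so that an old or unrelated certificate is never trusted by accident.
$found = @(Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -eq "CN=$dnsName" })
if ($found.Count -ne 1) {
    throw "Expected exactly one certificate for $dnsName, found $($found.Count)."
}
$cert = $found[0]

# Export the public certificate only (.cer). The private key stays on the web server;
# this file is what gets imported in the Group Policy wizard.
Export-Certificate -Cert $cert -FilePath $cerPath -Type CERT | Out-Null

# Check the exported file before distributing it: same certificate, no private key.
$exported = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $cerPath
if ($exported.Thumbprint -ne $cert.Thumbprint) { throw 'Exported file does not match the certificate.' }
if ($exported.HasPrivateKey) { throw 'Exported file carries a private key; do not distribute it.' }

# Local trust: same result as pasting into Trusted Root Certification Authorities in MMC.
Import-Certificate -FilePath $cerPath -CertStoreLocation Cert:\LocalMachine\Root | Out-Null

# Report what is now trusted and when it expires.
$root = Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Thumbprint -eq $cert.Thumbprint }
[pscustomobject]@{
    Subject       = $cert.Subject
    Thumbprint    = $cert.Thumbprint
    NotAfter      = $cert.NotAfter
    InTrustedRoot = [bool]$root
    ExportedFile  = $cerPath
}
```

Comparing the reported thumbprint with the one shown in the Group Policy editor after the import confirms that the domain is trusting the same certificate.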

...

Each instance of NorthScope, Live and Test, should have its own Website and Application Pool with the same naming conventions as the database and file structure.

  1. Open IIS Manager on the web server

  2. Create the Application Pool

    1. Navigate to Application Pool and right click to “Add Application Pool”

      • Configure the name to match the file structure and database, using our example this would be: NS_Live_NLP

      • Verify the “.Net CLR Version v4.0.30319” is selected

      • Select “Integrated” pipeline mode

      • Check the “Start application pool immediately” option

    2. Edit the Advanced Settings of the Application Pool

      • Select the “Identity” setting, choose Custom account, and use the user set up in Step 4: “YourDomain\NS_Live_NLP”

    3. Improve performance by adjusting the Regular Time Interval

      • This Advanced Setting determines how long before a connection that is not active is closed. Under the Application Pool Tasks, expand “Recycling”. Change the Regular Time Interval to 120 minutes.

  3. Create the Website

    1. Navigate to Sites and right click to “Add Website”

      • Enter a Site Name that matches the instance name, in our example this would be: NS_Live_NLP

      • Select the previously created Application Pool

      • Point the Physical Path to the path you are using from Step 5. In our example this would be: “C:\NorthScope\NS_Live_NLP\Web”

      • Click the Connect as button to specify the account used to access the website path. Set the User Name to match the user we set up in Step 4: “YourDomain\NS_Live_NLP”

      • Set Binding Type = “https”

      • Enter Host Name as the NorthScope instance and then the full computer name or fully qualified domain name depending on your setup.

        • If using a local domain with our instance name example this would be: NS_Live_NLP.YourServerHere.YourDomain.local

        • If using a proper domain this would be: NS_Live_NLP.YourDomain.com

      • Select your previously purchased and installed certificate or your self-signed certificate

    2. Edit the Advanced Website Settings to improve performance

      • Select IIS > Default Document and move “Default.aspx” to the top of the list

Note that you will need one website for each NorthScope instance.

...