When you build your Microsoft Lab, an SSL Certificate is often required. In the past this was a cost problem, no one wants to buy a cert for 50 Euros or more for his personal Lab. The alternative was to install a CA or using self-signed certificates. Thank God, these times are over with free certificates from Let’s Encrypt.
Let’s Encrypt certificates have a maximum lifetime of 90 days; this is a little short for production environments, but won’t be a problem in your Lab for sure. However, automatic renewal is possible, certificate service binding is sometimes complex but most of the times solvable. Therefore, I will publish a blog article about certificate auto-renewal within a Microsoft RDS Farm in the future. Since March 2018, there are even free wildcard certificates. Nevertheless, an issue was the complex handling of the ACMESharp Client like in this example on GitHub.
Thankfully, there is a Software Project called “Certify the Web” aka “Certify”. With the Tool, you can easily install and auto-renew your free Let’s Encrypt Certificates. In this Blog Post, I want to give you a short overview of how to use this cool Let’s Encrypt GUI for Windows.
Choose the Target System
Decide on which Server you want to install Certify. If you want to use the certificate on a Microsoft IIS Website it is a good idea to install the Tool directly on the IIS Server, because the tool can automatically bind the certificate in IIS.
Get the newest Version from https://certifytheweb.com
Run the setup
Nothing to explain here, click through the installation wizard and you’re done.
Register for Mail Notifications
Specify a proper Mail address for renewal notifications.
Requesting a Certificate
Choose your Domain
Click the New Certificate button to request your certificate.
In this example, we choose to request a wildcard certificate and have no IIS installed on the Server.
Verify your Domain Ownership
Configure Authorization Settings in Certify SSL Manager
We use the manual DNS Validation because my Domain Name Registrar (1&1 Ionos) is not supported for auto-approval in the Certify SSL Manager.
Read more about this in the official Documentation => Link
After you configured the validation settings copy the values for the DNS text record, continue with the next step.
Create DNS TXT Record
Create the DNS text record in the management console of your domain name registrar.
Finalize the request
Optional: Export the certificate
As a result, you have a valid certificate for your Lab.
Last but not least
Kudos to Webprofusion Pty Ltd for their great work!