Hi all!

Soon we may be incorporating SSL setup into our web app. What I was thinking of doing was adding an install runtime file browser to their certificate file. I found this, which is quite helpful.

Then I saw that the Certificate can be set in Internet Information Services view -> Web Sites. So, I'm thinking I can just put [IS_BROWSE_FILEBROWSED] in that SSL Certificate setting with a dialog prompt for a password and all would be good. However, it seems you have to actually browse to a file in the SSL Certificate field. You can't edit it with a Property.

Is this not possible? I'm not all that familiar with SSL setup, but it had to be set up manually, post install with our older product. I'm pushing to actually handle all of this, or as much as possible during the install itself.

Any pointers, suggestions MUCH appreciated!
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

1
Err I kinda understand what you are trying to achieve, but kinda not. Can you please explain in more detail?

What are you trying to do with the SSL cert? Are you putting the cert in your own computers, as in you have access and you can administer your own computers, or is this for a 'in the wild' client computers (ie like my personal computer).

Anyway: If it's your own network and you can manage them, use GPO to sort out the SSL stuff.  Or you can add this cert to your PKI.

If it's for a in the wild deployment, you can just add it to the package/installer and use the windows built in tools to add the cert - make sure you use the correct tool that will cover all your supported o/s's!
Answered 04/30/2016 by: rileyz
Red Belt

  • I'm thinking that when a user sets up SSL for our web application that they use an SSL certificate they have in their possession and not something that is ours included in the binary table of the installer package.

    My thought is that during our install we collect the path to their certificate with password then hopefully I could add the file path property to that SSL setting in InstallShield.
    • Hummm I think I understand what you are trying to do now.

      Im not sure how the SSL cert add method works - so I cant help you on that front, but what you state makes sense, get the path to the cert and the password - then action the Installshield SSL cert add. I guess you could find the action in the INSTALLEXEC seq, move it later on after you have the information (path and password) but I have a feeling the method wont support it.

      You probably need to use certutil, and then appcmd in a CA to accomplish what you require.
      http://www.awesomeideas.net/post/How-to-configure-SSL-on-IIS7-under-Windows-2008-Server-Core.aspx

      Good luck!
      • Yep, that's what I was thinking cert utility via custom action.
Please log in to comment
Answer this question or Comment on this question for clarity