-Installing an SSL certificate on a Dedicated Server

In cases where a dedicated server is managed by a customer, a SSL certificate is required to secure the connection between Officedoxs and that server.

To create or renew a certificate:

1. Click Start > Programs > Administrative Tools > Internet Information Server (IIS) Manager.
2. Navigate Internet Information Services > [SERVER] > Web Sites > Default Web Site.
3. Highlight Default Web Site.
4. Click Action > Properties.
5. Click the Directory Security tab.
6. Click Server Certificate.
7. In the Web Server Certificate Wizard form, click Next.
8. Click Create a new certificate or Renew the current certificate depending on your requirements.
9. Click Next.
10. Select Prepare the request now, but send it later.
11. Click Next.
12. Enter your server details including a Common name, such as "myserver.domain.com".
13. Purchase or renew a True BusinessID certificate from GeoTrust.
    http://www.geotrust.com/ssl/ssl-certificates/

To install the certificate:

1. Once the web server certificate is received, copy the certificate into a text file with .cer extension on your server.
   Include all text and headers.  Example:
   
   -----BEGIN CERTIFICATE-----
   MIIC/jgixoegAwIBAgIDCxd/MA0GCSqGSIb3DQEBBQUAME4xCzasdfNVBAYTAlVT
   MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFvxY3VyZSBDZXJ0
   aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDkwNDI5MjEyMzA3WhcNMTAwNzMwMjEyMzA3
   WjCBiDELMAkGA1UEBhMCQ0ExGTAXBgNVBAgTEEJyaXRpc2ggQ29sdW1iaWExETAP
   BgNVBAcTCFJpY2htb25kMRkwFwYDVQQKExBIYXJib3VyIEFpciBMdGQuMQswCQYD
   aWZpY2FFsdcBdXRob3JpdHkwHhcNMDkwNDI5MjEyMzA3WhcNMTAwNzMwMjEyMzA3
   DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJY6Rw/ChN9Gi8F0Dt7Yw2z28mhBYCrA
   hi4y+X0Y5i0fRvxsK0uct27llxlDRe4h/XGjjieAzLl2KgxDei5jZpTq5S+0fFBD
   aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDkwNDI5MjEyMzA3WhcNMTAwNzMwMjEyMzA3
   Lo8FMWleqMzrAgMBAAGjga4wgaswDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBQM
   aWZpY2F0ZSBsdfaob3JpdHkwHhcNMDkwNDI5MjEyMzA3WhcNMTAwNzMwMjEyMzA3
   Lmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDAfBgNVHSMEGDAWgBRI5mj5
   DQYJKoZIhvcNAQEDSFADgYEAS46ZgYfKhHFknzKZnHybVPunUrGNdnw1foqcrOP+
   K9KylddH2CMgEE8zmJfdsfAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
   Ohs
   -----END CERTIFICATE-----
2. From Internet Information Services (IIS) Manager, click Server Certificate as above.
3. Select Process the pending request and install the certificate, follow the wizard instructions.

To attach this certificate to SQL Server for integrated encryption:

1. Find the Thumbprint value of this new certificate.
   From Internet Information Services (IIS) Manager, click the Directory Security tab as above.
2. Click View Certificate.
3. Select the Details tab.
4. Find the Thumbprint field.  Note the Thumbprint value.
5. Start the Registry Editor, Start > Run > regedit.exe.
6. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQLServer\SuperSocketNetLib.
   Note: If you have configured your SQL Server with multiple instances, you may find SuperSocketNetLib in an alternate directory, such as:
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.1\MSSQLServer\SuperSocketNetLib.
7. Create or edit the "Certificate" key, using a String value.
8. Enter the Thumbprint value into this Certificate key.  It will be 40 characters in length.
   
   
   
9. Restart Microsoft SQL Server with the new certificate.
   Click Start > Programs > Administrative Tools > Services.
10. Select SQL Server (MSSQLSERVER) and click Action > Restart.
11. Close mmc and Services windows.

Further SSL encryption information for SQL Server 2005 can be found on the Microsoft support site:
http://msdn.microsoft.com/en-us/library/ms189067.aspx