Using "Let's Encrypt" to request and enable free SSL security for IIS website

The easiest way to to provide free Let's Encrypt SSL security for IIS website is to use letsencrypt-win-simple tool.

  1. Download and extract letsencrypt-win-simple to a folder on your IIS server
  2. Run letsencrypt.exe and follow a simple command line wizard:
    • Provide email address for certificate expiration notifications
    • Select which ISS website you will be securing. Make sure your website has a correct host name in IIS Site Bindings. It will be used as the SSL certificate subject name.

Install PEAR Mail on Windows Server 2008R IIS7 PHP

This article assumes that you already have PHP installed and working and your PHP location is C:\PHP

Installing PHP for IIS 7 on Windows Server 2008R2

 

  • Download non-thread based PHP 7 from windows.php.net. (I used version php-7.1.5-nts-Win32-VC14-x64)
  • Extract all files to C:\PHP
  • Rename php.ini-production to php.ini and make following changes:
    • Uncomment and set: cgi.force_redirect = 0
    • Uncomment and set: fastcgi.impersonate = 1
    • Uncomment and set: extension_dir = "ext"
  • Add ;C:\PHP to Windows Environment PATH Variable: Control Panel > System > Advanced System Settings > Environment Variables > System Variables > Path
  • Try running php.exe -v from command prompt. You should get something like this:

    • If you get error (in the command prompt) "php.exe is not recognized as an internal or external command, operable program or batch file." - make sure C:\PHP PATH System variable was entered correctly and restart the server.
    • If you get Windows pop-up prompt with error "php.exe - The program can't start because VCRUNTIME140.dll is missing from your computer. Try reinstalling the program to fix this problem." - Download and install Microsoft Visual C++ 2015 Redistributable (x64).

Exchange / Outlook - There is a problem with the proxy server's security certificate

Issue

After replacing a wildcard SSL certificate (*.domain.com) with a basic single-server certificate (webmail.domain.com) remote clients using Microsoft Outlook can no longer connect to their email accounts on an Exchange server using HTTP Proxy Method. Outlook displays below error and then repeatedly prompts for a password:

There is a problem with the proxy server's security certificate.
The name on the security certificate is invalid or does not match the name of the target site webmail.domain.com.
Outlook is unable to connect to the proxy Server. (Error Code 0)

Newsletter

Subscribe to receive occasional updates on new posts.
Your email will not be used for any other purpose and you can unsubscribe at any time.
Please wait