Learn how to set up Certbot on IIS. Our IIS Support team is here to help you with your questions and concerns.

Certbot IIS | Set up Guide

Securing our website with SSL plays a key role in ensuring data privacy and building trust with our users. For Windows Server users, managing SSL certificates can be streamlined with the help of Certbot.

Today, we are going to take a quick look at installing Certbot on Windows Server as well as issuing SSL certificates.

How to install Certbot on Windows

Before we begin, we have to make sure Snapd is installed and configured on our Windows Server. Once that’s set up, follow these steps:

1. First, download the latest Certbot installer for Windows from Certbot’s official website. https://certifytheweb.com
2. Then, run the installer and follow the wizard instructions.
3. Next, open a shell for Certbot by opening CMD or PowerShell as an administrator.
4. Now, run Certbot commands in the shell.

Now we can opt to run Certbot from two methods depending on whether we can stop our web server temporarily or need to keep it running:

1. Temporarily Stop Webserver:

   certbot certonly –standalone
2. Keep Webserver Running:

   certbot certonly –webroot

Furthermore, Certbot includes a Scheduled Task for automatic certificate renewal. We can test it with:

certbot renew –dry-run

If we have to stop our webserver to run Certbot we have to edit the built-in command to add the –pre-hook and –post-hook flags to stop and start our webserver automatically.

For example, if our web server is Apache 2.4, we have to add this to the certbot renew command:

--pre-hook “net.exe stop Apache2.4” --post-hook “net.exe start Apache2.4”

Finally, head to our website via HTTPS and make sure the lock icon appears in the URL bar, confirming proper SSL setup. This will confirm our site is up properly.

Installation of Certbot ACME Client on Windows

1. Download the Certbot ACME executable file from this link. https://dl.eff.org/certbot-beta-installer-win32.exe
2. Then, run the installer and follow the wizard instructions.
3. Once installation is complete, test Certbot by opening CMD and running:

   certbot –help

We can issue SSL Certificate Using Certbot as seen here:

1. First, stop the IIS service from the IIS manager or Windows services section.
2. Then, run the following command in Windows CMD:

   certbot certonly --standalone –register-unsafely-without-email
3. Next, agree to the terms and conditions by typing ‘Y’ and entering our domain name.
4. At this point, Certbot will issue the SSL/TLS certificate, private key, as well as intermediate certificate. The certificates will be saved automatically.
5. Now, start the IIS service again.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

In brief, our Support Experts demonstrated how to set up Certbot on IIS.