Whether setting up a first time certificate or renewing an expired one, please follow the below instructions.

IIS Certificate Request
This step only needs to happen if you do not own a wildcard certificate.  RDP onto the middleware server which will eventually contain the Phoenix P21 API, and generate a CSR request by following the screenshots below

1. Open IIS Manager, Select your IIS Server Name on Left Nav and Double Click Server Certificates

3. Create Certificate Request

4. Name Your Certificate

5. Configure Your Settings

6. Save Certificate to Local Drive

7. Open Certificate and Copy to Clipboard

8. log into a Trusted SSL Authority such as Network Solutions or Go Daddy, purchase a new Wildcard SSL Certificate, and when asked, paste the CSR Request from the file you created in the previous step.   You should receive a ZIP file containing a .cer and a .pb7 file

Trusted SSL Authority Certificate Renewal
If you already have an SSL cert, and just need to to be renewed, log into the Trusted SSL Authority containing the expired cert, renew it (do not rekey it).  You should receive a ZIP file containing a .cer and a .pb7 file

IIS SSL Certificate Completion

1. Open IIS

2. Open Service Certificates

3. Complete Certificate Request

4. Choose the .crt file you received from the Trusted SSL Authority, name your cert, and select personal store


5.If installed successfully, you should be able to see it in your certificate window in step 3

6. Export the SSL Certificate

7. Save the PFX to a local drive and provide it a password

8.  Attach the PFX and include its password in a Triactive Ticket and we will use the PFX file to import the updated SSL Certificate on our side