USING LET’S ENCRYPT REDIRECT

FROM HTTP TO HTTPS

 Step1: Install IIS (Internet Information Services)

Open Server Manager by searching Server Manager in Start Menu. Click on
Add roles and features link.

Below are the detailed instructions to follow on each tab of Add roles and
features wizard.

- Before You Begin: This tab explains the details of Add roles and feature
wizard. You can read it or just click Next to get to the next tab.
- Installation Type: Choose “Role-based or feature-based installation” and
click Next.
- Server Selection: Select the option “Select a server from the server pool”
and click on your server from the list of “Server pool”.
- Server Roles: Scroll down on the list of roles to find the “Web Server
(IIS)”. When prompted for the required features, leave the default options
checked and click on Add Features button. Click the Next button.
- Features: Leave the default options checked here also and click the Next
button without making any changes.
- Web Server Role: Leave the default options checked as we are creating a
basic web server only and click Next button for proceeding to the
confirmation screen.
- Confirmation: Review the changes once and click on the Install button
to start the installation.
 Step2: Adding Website to IIS
- Before you begin: create an A record on your domain

- Open the IIS Manager by searching IIS in the search menu. Expand
HOST → Sites on the left pane, you will find the default web site. To add
a new site in IIS web server, click on the Add website link from the right
panel
- On Add Website prompt, Provide a Site name to identify your site. Let
the value of Application pool remain the same as the Site name. Put the
path of the directory. Leave the default value in Binding Type, IP address
and Port. Put the actual domain name in Host name field. Click the button
OK to add the site and start it.
 Step3: Download Let’s Encrypt Client
- There are many different client applications available for generating Let’s
Encrypt certificates. In this tutorial, we will use win-acme client as it is a
very simple, open-source and actively developed command-line
application. It not only generates the certificates but also installs and
renews them automatically.
- Download the latest version of the application on the server from its
Github release page. On the release page, scroll down to find the assets
and download the zip archive with the name win-acme.v2.x.x.x.zip . If
you are having trouble using internet explorer, you can follow this tutorial
 to install Chrome on the server. Once downloaded, extract the application
and move it to some safer location for future use.

 Step4: Generate Let’s Encrypt Certificates

- Note: The domain which you are using must be pointed towards your
server. Let’s Encrypt will verify it before issuing the certificates.
- To generate the Let’s Encrypt certificates, simple run wacs.exe. You may
get a message from Windows Defender saying “Windows protected your
PC” because we downloaded the application from the internet. Click on
“More Info” link and then click on “Run Anyway” button. The
application is totally safe to run as it is open source and actively used by
many people. You may also need to allow the application if any
UAC(User Access Control) prompt comes.
- Once the application starts, follow these simple steps.
- Press N on the initial menu to choose the option to “Create a new
certificate”.
- Next, It will ask you “What kind of certificate would you like to create?”.
Enter 1 to choose “Single binding of an IIS site” option.
 - Now the application will retrieve the list of websites from the IIS server
and display it in command prompt. You will see the site we created on
step 3 listed there. Press the number shown in front of the site.
- It will now ask for your email to send you renewal notices. Provide your
email address and agree to the terms and conditions.

That’s it. If your domain is pointing to your server, it will successfully

generate an SSL certificate for you. It will also add a scheduled task which
will automatically renew the certificate when it will be due for renewal. The
application will also install the SSL certificate for you.
Now, you can access your website using HTTPS,
eg. https://snelexample.site and you should see the connection is
secured with a valid certificate.

Conclusion
In this detailed tutorial, we have installed the IIS server on Windows server
2019. We also created a demo website and added it into the IIS server. Finally,
we generated and installed Let’s Encrypt SSL certificate on the demo website
we created