将服务器身份验证证书导入到默认网站Import a Server Authentication Certificate to the Default Web Site

从证书颁发机构 CA 获取服务器身份验证证书后 ( ) ,必须在服务器场中的每个联合服务器或联合服务器代理的默认网站上手动安装该证书。After you obtain a server authentication certificate from a certification authority (CA), you must manually install that certificate on the Default Web Site for each federation server or federation server proxy in a server farm.

对于 Web 服务器,必须在相应的网站或你的联合应用程序所在的虚拟目录上手动安装服务器身份验证证书。For Web servers, you must manually install the server authentication certificate on the appropriate Web site or virtual directory where your federated application resides.

如果你要设置某个服务器场,请务必在服务器场中的每个服务器上执行同样的过程(使用完全相同的设置)。If you are setting up a farm, be sure to perform this procedure identically—using the exact same settings—on each of the servers in your farm.

备注

"AD FS 管理" 管理单元 - 是指作为服务通信证书的联合服务器的服务器身份验证证书。The AD FS Management snap-in refers to server authentication certificates for federation servers as service communication certificates.

若要完成此过程,至少需要是本地计算机上的管理员组或等效组中的成员。Membership in Administrators, or equivalent, on the local computer is the minimum required to complete this procedure. 查看有关使用适当帐户和本地和域默认组中组成员身份的详细信息。Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups.

将服务器身份验证证书导入到默认网站To import a server authentication certificate to the Default Web Site

  1. 在 "开始" 屏幕上,键入 "Internet Information Services ( IIS ) 管理器",然后按 enter。On the Start screen, typeInternet Information Services (IIS) Manager, and then press ENTER.

  2. 在控制台树中单击 “ComputerName”In the console tree, click ComputerName.

  3. 在中心窗格中,双击 - "服务器证书"。In the center pane, double-click Server Certificates.

  4. “操作” 窗格中单击 “导入”In the Actions pane, click Import.

  5. 在 "导入证书" 对话框中,单击 " ... "In the Import Certificate dialog box, click the 按钮。button.

  6. 浏览到 pfx 证书文件所在的位置,突出显示它,然后单击 “打开”Browse to the location of the pfx certificate file, highlight it, and then click Open.

  7. 键入该证书的密码,然后单击 “确定”Type a password for the certificate, and then click OK.

其他参考Additional references

清单:设置联合服务器Checklist: Setting Up a Federation Server

清单:设置联合服务器代理Checklist: Setting Up a Federation Server Proxy

联合服务器的证书要求Certificate Requirements for Federation Servers

联合服务器代理的证书要求Certificate Requirements for Federation Server Proxies