Securing Connections with SSL
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
Secure Sockets Layer (SSL) provides a secure, encrypted connection between the NNTP service and the client computer. SSL can protect your private information when users connect across a public network such as the Internet.
SSL support requires an SSL certificate, which must be installed on a computer running a member of the Windows Server 2003 family. The client software must also support SSL. Microsoft Outlook Express supports SSL.
If a server certificate is installed, the NNTP service uses SSL whenever a client requests it. You can optionally require SSL for all newsgroups or for newsgroups located in a virtual directory. You can also use SSL authentication of clients.
Procedures
To enable SSL
- Obtain and install an SSL server certificate.
Important
You must be a member of the Administrators group on the local computer to perform the following procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /User:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".
To require an SSL connection for access to newsgroups
1. In IIS Manager, expand the local computer, expand the NNTP virtual server, and then click Virtual Directories.
2. In the details pane, right-click the virtual directory that you want to modify, and then click Properties.
3. On the General tab, click Secure.
4. In the Security box, select the Require secure channel check box.
To enable SSL authentication for clients
1. In IIS Manager, expand the local computer, right-click the NNTP virtual server, and then click Properties.
2. On the Access tab, click Authentication.
3. In the Authentication Methods box, select the Enable SSL client authentication check box.
Related Information
For information about limiting access by IP address, see Limiting Access by IP Address.
For information about restricting operator access, see Restricting Operator Access.