How to Enable HTTPS on IIS Web Server?

How to Enable HTTP/s on IIS?

(3 votes, average: 5.00 out of 5)

Windows Web Server, or Internet Information Services (IIS), is a Microsoft web server that runs on the Windows OS and can – host, deploy, and manage web applications using technologies like ASP.Net, PHP, etc.

The latest version of IIS is IIS 10, which supports the HTTP/2 protocol, offering lower latency than HTTP 1.1 and improved resource utilization.

This article will explore: “How to enable HTTP/2 protocol on IIS?”. But before we do that, it would be better to be aware of important points related to using HTTP.2 on IIS.

Important Points To Consider

IIS 8.5 on Windows Server 2012 R2 or lower version does not support HTTP/2 protocol.
Windows 10 and Windows Server 2016 support HTTP/2.
As of now, IIS only supports HTTP.2 over Transport Layer Security.
There are currently no configuration settings in IIS exclusive to HTTP/2, and there is no need to create a new DuoEnabled registry key and set it to 1.
If both – your server and browser support HTTP/2, IIS will automatically use it. If this is not possible, it will fall back to HTTP 1.1.
If you have enabled HTTP/2 on IIS and use Windows authentication methods like NTLM, Kerberos, Negotiate, etc., IIS will revert to HTTP/1.1 as h2 does not support such methods.
Using IIS’s feature to limit the bandwidth will work for HTTP/1.1 but won’t affect HTTP/2.

How to Enable HTTP/2 on IIS?

You can enable HTTP/2 on IIS using these three steps:

Install Internet Information Service Manager.
Create a self signed certificate.
Bind the certificate.

Now, let’s comprehend how to perform these three steps in detail.

Install Internet Information Service Manager

Follow the steps mentioned below to install IIS Manager:

Click Search, placed on the taskbar.
Type Turn Windows features on or off, and press Enter.
The Windows Features dialog box will appear. (It may take a minute to load.)
Check the box in front of the Internet Information Services option.
Click OK.

Install the Internet Information Service Manager by following the on-screen instructions.

Create a Self-Signed Certificate

Note: Using a self-signed certificate is not recommended as they can’t stop security warnings and are not trustworthy.

Follow the steps mentioned below to create a self-signed certificate:

Click Search, placed on the taskbar.
Type IIS Manager and press Enter.
The Internet Information Service (IIS) Manager window will appear.
In the Internet Information Service (IIS) Manager window, perform the following actions:
- Double-click on Server Certificates.
- Under the Actions column, click Create Self-Signed Certificate.
- In the Specify a friendly name for the certificate field, type a name as per your preference.
- From the Select a certificate store for the new certificate list, select Web Hosting.
- Click OK.

Bind the Certificate

Follow the steps mentioned below to bind the certificate:

Under the Connections column, expand Sites.
Click Default Web Site.
Under the Actions column, click Bindings.
The Site Binding dialog box will appear.
Click Add.
The Add Site Binding dialog box will appear.
From the Type list, select https.
From the SSL certificate list, select the name of the certificate that you created earlier.
Click OK.

How can you verify that HTTP/2 has been enabled?

To verify whether HTTP/2 is enabled or not, you can use Developer Tools. Follow the steps mentioned below to accomplish the same:

Open a fresh tab on Chrome.
Enter the site’s URL.
Click the Customize and control Google Chrome icon (three vertical dots).
From the list, select More tools.
Click Developers tools.
Click on the Network tab.

Observe the value under the Protocol column. It will be showing as h2, which verifies that HTTP/2 has been enabled on IIS.

Conclusion

Enabling HTTP/2 or h2 in IIS is a simple task and can be accomplished by performing three simple steps. First, install IIS Manager; Second, make a self-signed certificate; third, bind that certificate.