Configuring IIS 7 and IIS 8

For a three-tier configuration using IIS 7 or IIS 8, there are no configuration changes required on the ActivID CMS application server. To install the IIS redirector on an IIS 7 server or IIS 8.0 server (tier 1), complete the following steps.

Note: The procedure illustrates options for IIS 7.

  1. Go to the ISAPI folder and copy ISAPI folder <CMS install path>\ISAPI\ from the installed ActivID CMS server to the IIS 7 server that is acting as the redirector server.    

    Window displaying contents of ISAPI folder on local disk

    Connections panel of Internet Information Services (IIS) Manager window with Sites node selected in left panel and Add Web Site selected in the pop-up menu

  2. To add a new ActivID CMS website to the IIS redirector server, go to the Connections panel in the Internet Information Services (IIS) Manager main window.

  3. Right-click on Sites, and then click Add Web Site. The Add Web Site dialog is displayed.

    Add Web Site dialog box with Site name set to CMS website and various other fields completed

  4. Enter the Site name of the ActivID CMS website (in this example, the name is CMS website).

  5. Verify that the Physical Path contains a valid path (in this example, it is C:\ISAPI\bin).

  6. Select https as the Binding Type.

    The Binding enables you to configure the binding to https (Hypertext Transfer Protocol Secure).

  7. Select the SSL certificate that was generated previously for this server (in this example, the SSL certificate is W2K8-RedirIIS7). 

  8. Optionally, select the option Start Web site immediately.

  9. Click OK. This creates the ActivID CMS website.

  10. From the IIS Manager main window, select the IIS Server in the connections panel. The IIS Server Home page appears.

    IIS Server Home page with IIS section indicated by a red arrow and with a hand icon clicking the ISAPI and CGI icon

  11. Scroll down to locate the IIS panel of the Home page.

    Make sure that you have selected the IIS server in the Connections panel.)

  12. Click ISAPI and CGI. The ISAPI and CGI Restrictions page appears.

    ISAPI and CGI Restrictions page with Add ISAPI or CGI Restriction dialog box open and the Allow extension path to execute option selected

    ISAPI Filters window where you can configure filters that process requests to the Web server

    From this page, you can add ISAPI and CGI restrictions at the IIS server level.

  13. On the ISAPI and CGI Restrictions page, right-click to display the shortcuts menu, and then click Add ISAPI and CGI Restrictions.

  14. In the Add ISAPI or CGI Restriction dialog, click Browse to locate the ISAPI or CGI path for the server file.

  15. Enter a meaningful Description (for example “Admin”).

  16. Select the option Allow extension path to execute.

  17. Click OK. The ISAPI and CGI Restrictions page appears with the new values you just configured (see the red arrow in the next illustration).

    ISAPI and CGI Restrictions page with Admin and its path indicated with red arrows, and with the Add ISAPI or CGI Restriction dialog box open     

  18. From the Home page, click ISAPI and CGI again. The ISAPI and CGI Restrictions page reappears.

  19. Click Browse to locate the ISAPI or CGI path for the server ID file.

  20. Enter a meaningful Description (for example, “MyID”).

  21. Select the option Allow extension path to execute.

  22. Click OK to configure these restrictions settings. The ISAPI and CGI Restrictions page appears with the new values you just configured.

  23. Return to the Connections panel, and then expand the Sites folder, if needed.

    Connections panel of Internet Information Services (IIS) Manager window with CMS Website selected first in left panel (indicated by a hand icon with a 1 circled in red) and with ISAPI Filters selected next in the right panel (indicated by a hand icon with a 2 circled in red)

  24. In the Connections panel, click CMS Website. The CMS Website Home page appears (where you will configure two ISAPI filters).

  25. Click ISAPI Filters. The ISAPI Filters page appears.

    ISAPI Filters window with Add ISAPI Filter dialog box open with the Filter name set to MyID and the Executable field completed

    From the ISAPI Filters page, you can add ISAPI filters at the IIS server level.

  26. Right-click to display the shortcuts menu, and then click Add ISAPI Filter.

  27. Enter a Filter name for the first of two filters (for example, “MyID”).

  28. Click the browse button to locate and enter the full path to the Executable .dll file.

  29. Click OK to configure the ISAPI filter settings for the first filter.

    ISAPI Filters window with Add ISAPI Filter dialog box open with the Filter name set to Admin and the Executable field completed

  30. Repeat step 27 to 29 for the second filter.

  31. Return to the Connections panel.

    Connections panel of Internet Information Services (IIS) Manager window with Administration selected in the left panel and SSL Settings icon selected in the right panel

  32. In the Connections panel, under CMS Website, click Administration. The Administration Home page appears.

  33. In the IIS panel in the Admin Home page, click SSL Settings. The SSL Settings page appears.

    SSL Settings page with Require SSL option checked and Require option selected in Client certificates section

  34. To configure SSL settings in the Admin virtual directory (and SSL Settings window), select the Require SSL option.

  35. Under Client certificates, select the Require option.

  36. In the Actions panel, click on Apply to save the changes.

  37. In the Connections panel under CMS website, click MyDigitalID. The MyDigitalID Home page appears.

  38. In the IIS panel, click SSL Settings. The SSL Settings window reappears.

  39. To configure SSL settings in the MyDigitalID virtual directory (and SSL Settings window), select the Require SSL option.

  40. Under Client certificates, select the Ignore option.

  41. In the Actions panel, click on Apply to save the changes.

The next step is to Configure Handler Mappings.

Topics in this section: