Let's Encrypt is FREE and easy to install with a right tool.
Steps to use Let's Encrypt with IIS:
- Download and install Certify.
- Run Certify, and register a new email for contact (required).
- Tap "New Certificate"
- Tap "Certificate Domains" on the right column.
- Enter certificate name as you wish.
- Select a website from the drop-down list.
- Add domains (e.g. www.mydomian.com, mydomain.com)
- Tap "Authorization"
- Challenge Type: dns-01
- DNS Update Method: (Update DNS Manually)
- Add email address for notification.
- Follow the instructions to add a TXT record to the domain DNS settings. If DDNS service is used, the record should be added at the DDNS service provider's website instead of the domain registrar's website.
- Tap "Request Certificate" at the top right corner.
- Tap "Deployment" on the right column.
- Select Deployment Mode: Single Site (selected in Domains tab).
- Select Binding Add/Update: Add or Update https bindings as required.
- Select all options of "Matching any of"
- Tap Save button at the top.
- Turn off Firewall temporarily.
- Tap Test button to test to make sure it is successful.
- If the deployment has not made the certificate binding, one can use IIS manager to bind HTTPS of the website to the generated certificate which name is in the format: www.mydomain.com [Certify]...
The entire process should take less than 10 minutes.