Monday, April 20, 2015

How To Get a .PFX File That Can Be Installed on a Windows Website Host (IIS Server)

Here is the definitive guide for installing your third party SSL certificate on an IIS (Microsoft) server, geared for the novice website admin.  Every step here involves working with Windows, clicking and copy-and-pasting -- no openssl command line stuff (whew)!  Every step here, on it's own, will be very well documented elsewhere.  So, for example, if you need to find out how to create an Microsoft Azure VM, just google it.

When I started this process, all I knew was that I needed a .PFX file and all I was able to get from my certificate provider (Go Daddy) was a useless .CRT file.  You might be in the same boat.  If this is the case, you do in fact need a .PFX file, and that .CRT file isn't actually useless.  Here's what you need to do:

Step 0). Buy an SSL certificate if you haven't already.  I purchased a wildcard SSL through Go Daddy since they offered it at a steep discount at the time.  A wildcard SSL, if you don't already know, will secure any subdomain under your main domain.  So, for example, I need to secure "", "" and plain old ""  Also, the wildcard option comes in hand for testing purposes so I can validate a new hosting account with a random sub-domain like this: before I upload the main event (no subdomain, or the main 'www' version) to that host.

1). Go to Azure and create a Windows Server 2012 VM.  Do a "Quick Create" and keep track of your username and password, because you will need them to log into the VM as well as for your .PFX file installation down the road.

2). After the VM is created, log in via Windows Remote Desktop.  The quickest way to do this is to select the VM in your Azure VM list, then click "Dashboard", then click "Connect" toward the bottom of the screen.  This will a file "thevmyoujustcreated.rdp" to be downloaded by your browser.  Opening this file will automatically start up a new Windows Remote Desktop session connected to your new VM.  You will  need to manually enter the username and password you saved from Step 1.  If Windows warns you about connecting to the host, just click OK because you trust the host you're connecting to.

3).  When you log into Windows Server 2012 for the first time, you will be given the option to find / connect to devices.  Click No.  Then the Server Manager will appear automatically.  Under "Configure this local server" click "Add Roles or Features."  Accept the defaults to add something to this server under the current user, etc.  Then, when you're given the option of actually chosing what to add, select "Web Server (IIS)".   All you really need is IIS Manager, and this should be selected by default if you just keep clicking "Next" and then finally "Install" to install IIS Manager.   This installation will probably take a few minutes to finish, so go get yourself another beer.

4). After the progress bar shows the installation is complete, click the Windows 8 style window at the bottom left of the screen, then search for "Internet Information Manager".  When it shows in the list, click it.  Navigate to the IIS Manager Windows.  Click your server name to the left.  If you get the message "Do you want to get started with Microsoft Web Platform ... " Click No.  Now double click "Server Certificates."  On the right side of the window click "Create Certificate Request."  Now, be careful to enter the correct domain into the "Common Name" field.  This is the only field that really matters.  If you only purchased a single domain cert, then enter the single domain (i.e. "").  If you purchased a wildcard cert, then enter "*".  Make sure the spelling is correct.  Then use your best judgement for the rest of the fields.  If this is business domain, enter your business information.  Otherwise enter your personal info (city, state and country is all you specify, nothing too specific).  Click Next.  Under "Cryptographic service provicer:" select "Microsoft RSA SChannel Cryptographic Provider".  Under "Bit length:" select "2048". Then save the text file as something obvious like "csr.txt" to your desktop.

5).  Click the File Manager icon at the bottom of the screen, then open the CSR text file you just created.  It should be plain text with some dashes as the top and bottom and some random characters and numbers in between.  NOTE: This data is specific to the server where you created the request, so you will need to keep this VM long enough to install the cert (a later step) and then get your .PFX file.  After that, you can delete the VM.

6).  Navigate to your certificate provider and paste this CSR text wherever your they tell you to.  As I mentioned earlier, I did this through Go Daddy.  In Go Daddy's SSL management interface, I was able to paste the text directly into a text box within their management interface for my wildcard cert, then click "Save and Update" to formally request that the cert be re-keyed using this CSR.  Go Daddy had my certificate re-keyed and ready to download in a few minutes.  You can either watch the screen or wait for the email.

7).  (Go Daddy specific) Download the zip file containing the .CRT file.  You will only need the .CRT file.  Copy the .CRT file from your local machine to the VM desktop.  Now navigate to your IIS Manager again and, right next to where you clicked "Create Certificate Request", now click "Complete Certificate Request."  Select the "*.*" file option, then open the .CRT file.  Then follow the default options to install the cert in your "personal" certificate store.

8). Under "Server Certificates" you will now see your new certificate listed.  Right click your newly installed cert, then select the option to export.  I believe .PFX will be the output format by default.

9).  Now, take your shiny new, solid gold .PFX file and install it wherever you please.  Also, you will need to remember the password you used to create your VM.  In my experience, as long as you have that .PFX file and password, then you can easily install your cert on any IIS server.

10).  Get yourself another beer, you deserve it!

Also, don't forget to delete your VM.  Even if this process took a full day, you shouldn't be charged more than a buck or two.

Did I miss anything?  Please let me know if there's anything here that needs further explanation.

Monday, February 23, 2015

Youtube Feature: Using Spinbot for Your Ebay / Amazon / Ecommerce Listings

Youtuber Angie Tonini-Rogers uses Spinbot to embed original, relevant text into her Ebay / Amazon / Ecommerce listings so that, from the one listing to the next, her products do not have duplicate content.

Note that that she pastes the final result into a word document as a final check for grammar / spelling mistakes.  This is a good idea, as you never know where a mistake might have been introduced, and ultimately you want to inspire confidence in your potential buyers by posting content with proper English grammar.


Hot British Girl Offers Some Quality SEO Advise

This hot British girl says, "Content is King" ... and I think she might be right.

Here is a quick overview of why more quality content translates to greater success on Google. This is because more quality content gives Google more chances to index and refer search engine users to your site.

And, of course, Spinbot is the quickest, most effective way to get that quality content, which will then result in your website or blog getting an ever increasing stream of valuable traffic.

By the way, how would you like to help me out by sharing and liking this Youtube video? Thanks!

New Whiteboard style Promo Video ... What Do You Think?

A new promo video (white board style) for Spinbot, including a basic user walk through:

If you have been using Spinbot, and it has proven to be a useful tool for you, please "like" or "share" the video for me ... this would be very helpful for me!

Monday, August 25, 2014

No-Captcha reCaptcha Now Implemented on

The newest innovation from reCaptcha, "No Captcha reCaptcha" has been rolled on on the home page.

This new version of reCaptcha is supposed to make your user experience easier by eliminating the need for you to enter a captcha (text) response ahead of time if Google estimates that you are probably not a bot.

I welcome all feedback regarding this captcha, for example:

- Is Google recognizing that you're not a robot very often (are you being required to click the check box and nothing else) ?

- If you do have to enter a captcha, is the text requirement easier or harder than before?

- Overall, is this an improvement over the standard captcha (example of the standard text based captcha can been seen on right now)

Please let me know via comments here, or you can email me:


Monday, June 30, 2014

Math Captcha Now Available Via

I have heard from numerous people that the text-based captchas required to use Spinbot in "free mode" tend to be really difficult to read.  Even after multiple attempts, some people are finding it difficult to pass this captcha requirement.

Well, fear not!  For I have created a spin-off article spinning / text paraphrasing site called, which uses the same article spinning API used by, except it employs a math challenge question instead of a text-based captcha.

The math challenge question is going to be very simple, of course, in the order of "two minus one = ?" or "nine plus three = ?".  The question is posed in big bold letters also, so it should be very easy to read.

I have created spin-off sites such as and, which use the same Article Spinning API as, to illustrate the opportunity you have to employ the Spinbot API to create your own article spinning tool, or to do anything you want related to text paraphrasing and/or rewriting.

Please note that you will need at least a small amount of programming know-how to use the Spinbot API.  To be more specific, I would recommend reading up on what are HTTP (Hyper Text Transfer Protocol) requests, and how they are commonly used throughout the internet.  Then I would recommend familiarizing yourself with a high level programming language that will make it easy for you to create and execute a Spinbot API request.  Actual code examples can be found on the Spinbot API how-to page.