I needed to protect Orion's web console traffic with SSL. SolarWinds was kind enough to provide detailed instructions to request and install a certificate from a trusted authority, but I thought my pilot Orion installation could make do with a self signed certificate. Turns out it's a snap:
1. Download IIS 6.0 Resource Kit from Microsoft.
2. Install at least the Metabase Explorer and SelfSSL tools on your Orion web server.
3. Get the site ID for your Orion Web site. Start the Metabase Explorer from either the Start Menu or a command prompt. Expand LM, then expand W3SVC. Note your site ID. The default site ID is 1; mine was 2.
4. Create and install the self signed certificate. From a command prompt, type SelfSSL /? to see options. I used SelfSSL /T /S:2 /V:365. The T switch adds the self signed certificate to the trusted certificates list. The S switch specifies the site ID. If you use a site ID that doesn't exist, you'll see error opening site metabase key: 0x80070003. The V switch specifies the number of days the certificate will remain valid.
5. Push enter; yer done!
Note the security concerns of using a self signed certificate. Also, your users will see a security alert: The name on the security certificate is invalid or does not match the name of the site. I have read that setting a host header that matches the container name on the certificate will eliminate alerts when the browser is started on the server on which the web site is running. If you export the certificate to a file, then import it onto your users' computers, they will not see the message either.
