To use TLS to secure Blackboard Learn the IIS Web server must first be set to use TLS. Configuring TLS should only be done by an experienced Microsoft administrator.

Configure TLS for IIS

  1. Open the Internet Services Manager.
  2. Right-click the blackboard_bblearn Web site and select Properties from the menu.
  3. Select the Directory Security tab.
  4. Select Server Certificate in the Secure communications frame at the bottom of the tab.
  5. The Web Server Certificate Wizard will appear. The Status of your Web server should report that there is not a certificate installed and there are no pending requests. If anything else appears, there may be a certificate installed or a pending request already. Select Next to advance.
  6. Select Create a new certificate and select Next to advance.
  7. Select Prepare the request now, but send it later and select Next to advance.
  8. Enter a name for the certificate (the name of the Web site in IIS is the default) and select a bit length from the drop-down list. Blackboard recommends a bit length of 2048. To learn more about RSA key size recommendations, see How to Obtain a Certificate in About TLS. Select Next to advance.
  9. Enter the name of your Organization and your Organizational unit in the fields. This information is important to ensure that your certificate is unique and easily identified. Select Next to advance.
  10. Enter the Common name of the Web site. The host plus the domain name works best (example: Select Next to advance.
  11. Enter the appropriate geographical information for your institution. Select Next to advance.
  12. Enter a file name for the certificate request or select Next to select the default and advance.
  13. Select Finish to create the certificate request.
  14. Send the certificate request to a Certifying Authority. There are several commercial vendors or you can sign your own if you have the capability. The output from the Certifying Authority will be a file with the extension .cer.
  15. Once you have obtained a .cer file, return to the Web Server Certificate Server as described in Steps 1-4.
  16. Select Process the Pending Request and select Next to advance.
  17. Enter the location of the .cer file and select Next to advance.
  18. Select Next to advance through the summary steps (be sure to review the summaries to make sure you are installing the correct certificate!).
  19. Return to the Properties box for the blackboard_bblearn Web site as described in Steps 1 and 2.
  20. If the Web Site tab is not active, select it.
  21. Enter 443 for the TLS Port in the Web Site Identification frame at the top of the tab.
  22. Blackboard recommends the use of strong encryption. Typically, strong encryption means only using TLSv1+ algorithms. Visit the Microsoft Support article How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services.
  23. Restart the server to complete the process.