Create and install a certificate using IIS or import a pfx file, the cert can be SHA256 or whatever you want.
Open your Cert Manager,
- Run/open "MMC"
- File, Add/Remove Snap-in, Certificates, OK
- Expand the folder with your cert (generally Personal, Certificates)
- Right Click the Certificate, Open
- Details tab, near the bottom choose thumbprint and select the value
- remove the spaces from the hash value
- open a Command Prompt with elevated privileges
- run the following command using your SSL cert's thumbprint hash value in place of "HASHVALUE" remove the quotes.
- wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash=HASHVALUE
- It should say "Updating property(s) of ...
- then it should say .. update successful
That's it, you're done.
Best things to remember for password and email security,
- Passwords, Have a secure password with a minimum of 8 characters including small and capital letters, 1 or more symbols, as well and at least 1 number.
- Don't use easy to guess passwords that contain pets, kids, parents and/or sibling names or birth dates.
- Make your password something you would never share with anyone, many people use a favorite color, food, etc.. which they also post to social media sites like facebook.
- Separate your passwords, never use the same password for everything, if a website that you use is compromised(updated: recent example linkedin database compromised) then all of the stuff you use could become compromised. Generally its a good idea to use three or more passwords with variations of those passwords that you can change around for example H3l!0WoR!D, Hell0w0r!d, HelloW0rlD. This allows you to use basically the same password in many places but if one place is compromised it will minimize the impact since you are using a variations of the passwords in each place.
- Try to avoid needing password security questions and hints, don't give real answers that a potential hacker can find with little effort.
- Public terminals, Don't use public terminals to check your email or bank information as they can contain key-loggers which will compromise your account to hackers including government agencies.
- Free WiFi, Don't use public unencrypted free WiFi to send and receive email unless you are browsing and checking email with SSL only. (https:// for sites and webmail or SSL in your email configuration)
This may seem like a lot of work but having identity theft or compromised personal information will be a lot worse.