# Windows ### 1. Install IIS #### 1.1. Add IIS role * Open `Server Manager` and click `Manage` -> `Add Roles and Features`. Click Next. * Select Role-based or feature-based installation and click Next. * Select the appropriate server. The local server is selected by default. Click Next. * Enable Web Server (IIS) and click Next. * No additional features are necessary to install the Web Adaptor, so click Next. * On the Web Server Role (IIS) dialog box, click Next. * On the Select role services dialog box, verify that the web server components listed below are enabled. Click Next. * Verify that your settings are correct and click Install. * When the installation completes, click Close to exit the wizard. #### 1.2. Enable WebSockets on IIS * Open Server Manager and click Manage. * Use the Add Roles and Features wizard from the Manage menu or the link in Server Manager. * Select Role-based or Feature-based Installation. Select Next. * Select the appropriate server (the local server is selected by default). Select Next. * Expand Web Server (IIS) in the Roles tree, expand Web Server, and then expand Application Development. * Select WebSocket Protocol. Select Next. * If additional features aren't needed, select Next. * Select Install. * When the installation completes, select Close to exit the wizard. #### 1.3. Download and install Windows Hosting Bundle * [Windows Hosting Bundle, which includes the .NET Core Runtime and IIS support](https://dotnet.microsoft.com/en-us/download/dotnet/thank-you/runtime-aspnetcore-6.0.36-windows-hosting-bundle-installer) Note: You MUST have IIS installed before installing Windows Hosting Bundle. ### 2. Download HES server **Option 1** You can download the zip file from: then unzip its contents to a folder `C:\Hideez\HES`. **Option 2** Or you can do it with PowerShell: ``` > Invoke-WebRequest -Uri https://update.hideez.com/hes/windows_x64_latest.zip -OutFile ~\windows_x64_latest.zip > Expand-Archive -LiteralPath ~\windows_x64_latest.zip -DestinationPath C:\Hideez\HES ``` this download and extract the HES to `C:\Hideez\HES` directory ### 3. Configuring the HES Navigate to the 'C:\Hideez\HES' directory and run the **HES.Wizard** application next, follow the setup tips and configure the server ### 4. Configuring IIS #### 4.1. Create a Self-Signed Certificate for IIS **Option 1 (creating a certificate using IIS)** * Start IIS Manager. * Click on the name of the server in the Connections column on the left. Double-click on **Server Certificates**. * In the Actions column on the right, click on **Create Self-Signed Certificate...** * Enter any *friendly* name (for example HES) and then click **OK**. * You will now have an IIS Self Signed Certificate valid for 1 year listed under Server Certificates. You can click on the created certificate and see its properties. **Option 2 (creating a certificate using PowerShell)** An alternative way to create a certificate is to use the cmdlet `New-SelfSignedCertificate` in PowerShell, which can be used to specify the required CN: ``` New-SelfSignedCertificate -DnsName -FriendlyName ``` for example: ``` New-SelfSignedCertificate -DnsName hideez.example.com -FriendlyName HES ``` #### 4.2**.** Add the Web Site * Start **IIS Manager**. * In the **Connections** pane, right-click the **Sites** node in the tree view, and then click **Add Web Site**. * In the **Add Web Site** dialog box, type a *friendly* name for your Web site in the **Site name** box. "HES" would be a good choice. * In the **Physical path** box, type the *physical path* of the Web site's folder (C:\Hideez\HES), or click the browse button **(...)** to browse the file system to find the folder. * If you want to select a different application pool than the one listed in the Application Pool box. In the **Select Application Pool** dialog box, select an application pool from the **Application Pool** list, and then click **OK**. * The default value in the **IP address** box is **All Unassigned**. If you must specify a static IP address for the Web site, type the IP *address* in the **IP address** box. * Optionally, type a host header name for the Web site in the **Host Header** box. * If you do not have to make any changes to the site, and you want the Web site to be immediately available, select the **Start Web site immediately** check box. * Click **OK**. * After warning, "The binding" \*: 80 ′ is assigned to another site ... ", click YES * In the **Bindings** pane click "Add" and Add site Binding with type https for you hostname port 443 and with you certificate (In the **SSL certificate** drop-down menu, select your certificate). * In **Sites** node turn off "Default Web Site". **4.3. Application pool configuration** * Go into the IIS Manager * Click on Application Pools (on the left) * Right click on your application pool * Select **Advanced Settings** * General * Change the value of **.NET CLR Version** to **No Managed Code** * Process Model * Change the value of **Idle Time-out (minutes)** to **0** * Change the value of **Load User Profile** to **True** * Recycling * Change **Regular Time Interval (minutes)** to **0** {% hint style="success" %} [Here](https://enterprise.hideez.com/hideez-enterprise-server/deployment/hes-update/windows) you can find an update guide for Windows. {% endhint %} {% hint style="info" %} By default, access to the new server:\ login - [admin@server
](mailto:admin@hideez.com)password - admin {% endhint %}