NelsonR

asked on

IIS 5, Private Key

To make a long story short, the "All Users.WINNT" folder in a Win2k Server machine with IIS 5 got deleted.

Whenever I try to export the private key & certificate (for the 2nd one we were issued) it says it's not exportable (this was not restored from a previous backup with the "exportable" option unchecked).

I have a .pfx backup of the 1st certificate we were issued, which contains both the private key & certificate.

My question is, do all certificates use the same private key (e.g. is the private key unique for every server, or for every certificate)?  If they do, does anyone know of a way to join the private key from the 1st certificate to the 2nd one?  That might mean "hacking" into the OS, but if anyone knows of anything I'd be really happy. :)

I was reading about the metabase IIS uses where everything is stored.  Before I spend hours programming something I'd like to know if there's already a program that will do it and if it's even possible through the metabase API in the Win2k SDK.

I'd even be willing to give more than 300 points through another question if you can fix it for me.  What sucks is that we got the certificate a month ago and it won't expire for some time.  And yes, I know to back it up next time--I'm somewhat new to SSL.
NelsonR

ASKER

Here's an idea:
http://www.cashcow.dk/Home/faq.html

I do have a Hex editor.  The problem is I couldn't find "private-key", but I did find several "30 82"s.  Maybe it's for an older version, but it might help other people out there. :)
ASKER CERTIFIED SOLUTION
jhance

NelsonR

ASKER

As I said, I'm somewhat new to SSL so I didn't know how it all worked.  I now know how to back it up (and believe me, I will! :).  I've actually learned quite a bit about keys, etc. since this happened.

I don't think Thawte will buy it because it has been more than 30 days.

About brute force, http://www.allcondoms.com/ssl_security.htm talks some about it (I just did a search on Google, don't ask about allcondoms.com).  I don't think I'll try that anytime soon, especially with 128-bit keys (2^128 is a BIG number).

Anyway, I now know how they work.. sucks to be me. :)  But then again, $200 isn't that much and I can live with it.