Solved

How do I add a certificate to IIS 6.0 after deleteing the request

Posted on 2003-12-04
3
187 Views
Last Modified: 2013-12-04
Here is my issue,
We have a hosted server running IIS 6.0. Win2003. Our customer wants us to use a cert from their CA. It will take them three days to process the request. They need to use the server immediately and want me to install a temporary cert for the three days.

However after I generate the request for a new certificate, the IIS server stays in a state where it is waiting for the request to be processed. The only options available are to delete the pending request or complete the pending request.
I need to be able to add a temporary cert for a number of days while the customer are processing their cert. I then need to to remove the temporary cert and add the customers cert.
It doesn't seem like this is possible. Is there a tool other than the IIS security tool that would enable me to do this?
If I delete the pending request I will be unable to install the cert when the customer sends it to me.
0
Comment
Question by:saunders4tom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 6

Expert Comment

by:Joseph_Moore
ID: 9879469
In IIS 4 and IIS 5, to do what you are suggesting means that you would need to delete the pending request, issue a new request, process that new request in your local certserv, apply the homemade cert on the IIS box, THEN issue a new pending cert request to be processed by the real CA.
For IIS 6, I do not know if it works the same, but I am gonna "assume" so (with all the perils that entails!).
You would need to delete the pending cert request that the CA is currently processing. Then make a new pending....

wait a second, now that I think about it.

There is nothing in the current pending cert request that would prevent it from being used by your local cert server and issue a cert based off of it.
But then, when the CA finally issued their cert, your choices then would be to either Remove the current homemade cert or request a New pending cert request. Either method would not let you use the CA issued cert.
So, no, I still don't think you can do what your customer suggested. It would invalidate the cert the CA is making.

Now, I do know you can pay more money and get cert request expedited. I did this with Verisign once, and got a cert in 24 hours (a little less, actually, from faxing the PO over to them until I had the cert in my  e-mail). So, did you look that option up?
0
 
LVL 6

Accepted Solution

by:
Sebo2000 earned 500 total points
ID: 9882345
Recreate the reuest one more time and it shoud work with no problems.
0
 
LVL 6

Expert Comment

by:Sebo2000
ID: 9904099
Glad I could help, it worked for me a few times.
Take Care
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Excel files protected mode 4 54
Linux / any OS that is much less prone to ransomware / malware than Windows 16 134
Work with App store 7 96
PCI compliance 16 59
In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question