Solved

How do I add a certificate to IIS 6.0 after deleteing the request

Posted on 2003-12-04
3
190 Views
Last Modified: 2013-12-04
Here is my issue,
We have a hosted server running IIS 6.0. Win2003. Our customer wants us to use a cert from their CA. It will take them three days to process the request. They need to use the server immediately and want me to install a temporary cert for the three days.

However after I generate the request for a new certificate, the IIS server stays in a state where it is waiting for the request to be processed. The only options available are to delete the pending request or complete the pending request.
I need to be able to add a temporary cert for a number of days while the customer are processing their cert. I then need to to remove the temporary cert and add the customers cert.
It doesn't seem like this is possible. Is there a tool other than the IIS security tool that would enable me to do this?
If I delete the pending request I will be unable to install the cert when the customer sends it to me.
0
Comment
Question by:saunders4tom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 6

Expert Comment

by:Joseph_Moore
ID: 9879469
In IIS 4 and IIS 5, to do what you are suggesting means that you would need to delete the pending request, issue a new request, process that new request in your local certserv, apply the homemade cert on the IIS box, THEN issue a new pending cert request to be processed by the real CA.
For IIS 6, I do not know if it works the same, but I am gonna "assume" so (with all the perils that entails!).
You would need to delete the pending cert request that the CA is currently processing. Then make a new pending....

wait a second, now that I think about it.

There is nothing in the current pending cert request that would prevent it from being used by your local cert server and issue a cert based off of it.
But then, when the CA finally issued their cert, your choices then would be to either Remove the current homemade cert or request a New pending cert request. Either method would not let you use the CA issued cert.
So, no, I still don't think you can do what your customer suggested. It would invalidate the cert the CA is making.

Now, I do know you can pay more money and get cert request expedited. I did this with Verisign once, and got a cert in 24 hours (a little less, actually, from faxing the PO over to them until I had the cert in my  e-mail). So, did you look that option up?
0
 
LVL 6

Accepted Solution

by:
Sebo2000 earned 500 total points
ID: 9882345
Recreate the reuest one more time and it shoud work with no problems.
0
 
LVL 6

Expert Comment

by:Sebo2000
ID: 9904099
Glad I could help, it worked for me a few times.
Take Care
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question