saunders4tom
asked on
How do I add a certificate to IIS 6.0 after deleteing the request
Here is my issue,
We have a hosted server running IIS 6.0. Win2003. Our customer wants us to use a cert from their CA. It will take them three days to process the request. They need to use the server immediately and want me to install a temporary cert for the three days.
However after I generate the request for a new certificate, the IIS server stays in a state where it is waiting for the request to be processed. The only options available are to delete the pending request or complete the pending request.
I need to be able to add a temporary cert for a number of days while the customer are processing their cert. I then need to to remove the temporary cert and add the customers cert.
It doesn't seem like this is possible. Is there a tool other than the IIS security tool that would enable me to do this?
If I delete the pending request I will be unable to install the cert when the customer sends it to me.
We have a hosted server running IIS 6.0. Win2003. Our customer wants us to use a cert from their CA. It will take them three days to process the request. They need to use the server immediately and want me to install a temporary cert for the three days.
However after I generate the request for a new certificate, the IIS server stays in a state where it is waiting for the request to be processed. The only options available are to delete the pending request or complete the pending request.
I need to be able to add a temporary cert for a number of days while the customer are processing their cert. I then need to to remove the temporary cert and add the customers cert.
It doesn't seem like this is possible. Is there a tool other than the IIS security tool that would enable me to do this?
If I delete the pending request I will be unable to install the cert when the customer sends it to me.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Glad I could help, it worked for me a few times.
Take Care
Take Care
For IIS 6, I do not know if it works the same, but I am gonna "assume" so (with all the perils that entails!).
You would need to delete the pending cert request that the CA is currently processing. Then make a new pending....
wait a second, now that I think about it.
There is nothing in the current pending cert request that would prevent it from being used by your local cert server and issue a cert based off of it.
But then, when the CA finally issued their cert, your choices then would be to either Remove the current homemade cert or request a New pending cert request. Either method would not let you use the CA issued cert.
So, no, I still don't think you can do what your customer suggested. It would invalidate the cert the CA is making.
Now, I do know you can pay more money and get cert request expedited. I did this with Verisign once, and got a cert in 24 hours (a little less, actually, from faxing the PO over to them until I had the cert in my e-mail). So, did you look that option up?