Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Renew Certificate for local Intranet Website

Posted on 2008-06-11
5
Medium Priority
?
1,168 Views
Last Modified: 2010-04-21
Some time ago I set up a site on our internal network. The site is hosted on a local 2003 web server.

We need to make it secure so I did so installed a certificate and using the GPO to push it out to all clients.

Well now I'm getting an expired message when trying to go to the site and I see it expired 3/11/2008 even though today is 6/11/2008.

It worked until today.

How do I renew it.

I installed the ticket on another server 2003 Standard server.
0
Comment
Question by:omnbit
  • 3
  • 2
5 Comments
 
LVL 11

Expert Comment

by:pcfreaker
ID: 21763330
HI,

The certificate was retrieved from a local CA (Standalone or Enterprise) or granted by a Vendor (Verisign)?
0
 

Author Comment

by:omnbit
ID: 21763377
local CA standalone i think.

Something I set up on our local server.
0
 
LVL 11

Accepted Solution

by:
pcfreaker earned 2000 total points
ID: 21763908
Oki, you could request a renewal from the IIS server:

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* Select renew certificate
* Prepare the request now, but send it later
* choose the path and file name
Go to the ie and type the ca link: i.e. http://192.168.0.1/certsrv
* On the Microsoft Certificate Services page, click the Request a certificate link
* On the Request a Certificate page, click the advanced certificate request link
* On the Advanced Certificate Request page, click the Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
* You can paste the contents of the certificate request file into the Save Request text box on the Submit a Certificate Request or Renewal Request page. Note that you can not use the Browse for a file to insert link to insert the request because the default security settings on the browser will not allow you to do so.
* Open the certificate request file and press CTRL+A to select the entire contents of the file. Press CTRL+C or right click on the selected region and click the Copy command to copy the contents of the file onto the Windows clipboard.
* Return to the Submit a Certificate Request or Renewal Request Web page. Position the insertion point at the top left of the text box on the page. Press CTRL+V or right click at the insertion point and click the Paste command.
* The contents of the certificate request file are entered into the request text box. Click the down arrow for the Certificate Template drop down list and select the Web Server certificate template. Click Submit.
* Click Yes on the Internet Explorer dialog box that warns you that youre sending unencrypted data over the network.
* On the Certificate Issued page, click the Download Certificate Chain link. Click Save on the File Download dialog box.
* Save the file to a location on the local hard disk
* Click the Close button on the Download Complete dialog box after saving the certificate to the local hard disk.
* Downloading the certificate chain provides you with both the Web site certificate you requested and the CA certificate. You can place the CA certificate into the Trusted Root Certification Authorities certificate store if it is not already in place.

The final step is to bind the certificate to the service. Perform the following steps to bind the Web site certificate to the service you want to secure:
1. Open the Internet Information Services (IIS) Manager console, right click on the service you want to bind the certificate to, and click the Properties command

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* On the Pending Certificate Request page, select the Process the pending request and install the certificate open. Click Next
* On the Process a Pending Request page, use the Browse button to locate and select the Web site certificate you requested. The path and name of the certificate will appear in the Path and file name text box, click next
* Review the information regarding the certificate on the Certificate Summary page, click next.
* Click Finish on the Completing the Web Server Certificate Wizard page.
Click Ok and restart the web service.

Let me know if you get stuck.

0
 

Author Closing Comment

by:omnbit
ID: 31466229
Worked like a charm! Thx
0
 

Author Comment

by:omnbit
ID: 21772182
http://192.168.0.1/certsrv

I had to change to

the CA system IP/certsrv.

but it worked.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question