Solved

Renew Certificate for local Intranet Website

Posted on 2008-06-11
5
1,142 Views
Last Modified: 2010-04-21
Some time ago I set up a site on our internal network. The site is hosted on a local 2003 web server.

We need to make it secure so I did so installed a certificate and using the GPO to push it out to all clients.

Well now I'm getting an expired message when trying to go to the site and I see it expired 3/11/2008 even though today is 6/11/2008.

It worked until today.

How do I renew it.

I installed the ticket on another server 2003 Standard server.
0
Comment
Question by:omnbit
  • 3
  • 2
5 Comments
 
LVL 11

Expert Comment

by:pcfreaker
ID: 21763330
HI,

The certificate was retrieved from a local CA (Standalone or Enterprise) or granted by a Vendor (Verisign)?
0
 

Author Comment

by:omnbit
ID: 21763377
local CA standalone i think.

Something I set up on our local server.
0
 
LVL 11

Accepted Solution

by:
pcfreaker earned 500 total points
ID: 21763908
Oki, you could request a renewal from the IIS server:

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* Select renew certificate
* Prepare the request now, but send it later
* choose the path and file name
Go to the ie and type the ca link: i.e. http://192.168.0.1/certsrv
* On the Microsoft Certificate Services page, click the Request a certificate link
* On the Request a Certificate page, click the advanced certificate request link
* On the Advanced Certificate Request page, click the Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
* You can paste the contents of the certificate request file into the Save Request text box on the Submit a Certificate Request or Renewal Request page. Note that you can not use the Browse for a file to insert link to insert the request because the default security settings on the browser will not allow you to do so.
* Open the certificate request file and press CTRL+A to select the entire contents of the file. Press CTRL+C or right click on the selected region and click the Copy command to copy the contents of the file onto the Windows clipboard.
* Return to the Submit a Certificate Request or Renewal Request Web page. Position the insertion point at the top left of the text box on the page. Press CTRL+V or right click at the insertion point and click the Paste command.
* The contents of the certificate request file are entered into the request text box. Click the down arrow for the Certificate Template drop down list and select the Web Server certificate template. Click Submit.
* Click Yes on the Internet Explorer dialog box that warns you that youre sending unencrypted data over the network.
* On the Certificate Issued page, click the Download Certificate Chain link. Click Save on the File Download dialog box.
* Save the file to a location on the local hard disk
* Click the Close button on the Download Complete dialog box after saving the certificate to the local hard disk.
* Downloading the certificate chain provides you with both the Web site certificate you requested and the CA certificate. You can place the CA certificate into the Trusted Root Certification Authorities certificate store if it is not already in place.

The final step is to bind the certificate to the service. Perform the following steps to bind the Web site certificate to the service you want to secure:
1. Open the Internet Information Services (IIS) Manager console, right click on the service you want to bind the certificate to, and click the Properties command

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* On the Pending Certificate Request page, select the Process the pending request and install the certificate open. Click Next
* On the Process a Pending Request page, use the Browse button to locate and select the Web site certificate you requested. The path and name of the certificate will appear in the Path and file name text box, click next
* Review the information regarding the certificate on the Certificate Summary page, click next.
* Click Finish on the Completing the Web Server Certificate Wizard page.
Click Ok and restart the web service.

Let me know if you get stuck.

0
 

Author Closing Comment

by:omnbit
ID: 31466229
Worked like a charm! Thx
0
 

Author Comment

by:omnbit
ID: 21772182
http://192.168.0.1/certsrv

I had to change to

the CA system IP/certsrv.

but it worked.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question