Solved

Renew Certificate for local Intranet Website

Posted on 2008-06-11
5
1,124 Views
Last Modified: 2010-04-21
Some time ago I set up a site on our internal network. The site is hosted on a local 2003 web server.

We need to make it secure so I did so installed a certificate and using the GPO to push it out to all clients.

Well now I'm getting an expired message when trying to go to the site and I see it expired 3/11/2008 even though today is 6/11/2008.

It worked until today.

How do I renew it.

I installed the ticket on another server 2003 Standard server.
0
Comment
Question by:omnbit
  • 3
  • 2
5 Comments
 
LVL 11

Expert Comment

by:pcfreaker
Comment Utility
HI,

The certificate was retrieved from a local CA (Standalone or Enterprise) or granted by a Vendor (Verisign)?
0
 

Author Comment

by:omnbit
Comment Utility
local CA standalone i think.

Something I set up on our local server.
0
 
LVL 11

Accepted Solution

by:
pcfreaker earned 500 total points
Comment Utility
Oki, you could request a renewal from the IIS server:

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* Select renew certificate
* Prepare the request now, but send it later
* choose the path and file name
Go to the ie and type the ca link: i.e. http://192.168.0.1/certsrv
* On the Microsoft Certificate Services page, click the Request a certificate link
* On the Request a Certificate page, click the advanced certificate request link
* On the Advanced Certificate Request page, click the Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
* You can paste the contents of the certificate request file into the Save Request text box on the Submit a Certificate Request or Renewal Request page. Note that you can not use the Browse for a file to insert link to insert the request because the default security settings on the browser will not allow you to do so.
* Open the certificate request file and press CTRL+A to select the entire contents of the file. Press CTRL+C or right click on the selected region and click the Copy command to copy the contents of the file onto the Windows clipboard.
* Return to the Submit a Certificate Request or Renewal Request Web page. Position the insertion point at the top left of the text box on the page. Press CTRL+V or right click at the insertion point and click the Paste command.
* The contents of the certificate request file are entered into the request text box. Click the down arrow for the Certificate Template drop down list and select the Web Server certificate template. Click Submit.
* Click Yes on the Internet Explorer dialog box that warns you that youre sending unencrypted data over the network.
* On the Certificate Issued page, click the Download Certificate Chain link. Click Save on the File Download dialog box.
* Save the file to a location on the local hard disk
* Click the Close button on the Download Complete dialog box after saving the certificate to the local hard disk.
* Downloading the certificate chain provides you with both the Web site certificate you requested and the CA certificate. You can place the CA certificate into the Trusted Root Certification Authorities certificate store if it is not already in place.

The final step is to bind the certificate to the service. Perform the following steps to bind the Web site certificate to the service you want to secure:
1. Open the Internet Information Services (IIS) Manager console, right click on the service you want to bind the certificate to, and click the Properties command

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* On the Pending Certificate Request page, select the Process the pending request and install the certificate open. Click Next
* On the Process a Pending Request page, use the Browse button to locate and select the Web site certificate you requested. The path and name of the certificate will appear in the Path and file name text box, click next
* Review the information regarding the certificate on the Certificate Summary page, click next.
* Click Finish on the Completing the Web Server Certificate Wizard page.
Click Ok and restart the web service.

Let me know if you get stuck.

0
 

Author Closing Comment

by:omnbit
Comment Utility
Worked like a charm! Thx
0
 

Author Comment

by:omnbit
Comment Utility
http://192.168.0.1/certsrv

I had to change to

the CA system IP/certsrv.

but it worked.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now