Solved

Renew Certificate for local Intranet Website

Posted on 2008-06-11
5
1,132 Views
Last Modified: 2010-04-21
Some time ago I set up a site on our internal network. The site is hosted on a local 2003 web server.

We need to make it secure so I did so installed a certificate and using the GPO to push it out to all clients.

Well now I'm getting an expired message when trying to go to the site and I see it expired 3/11/2008 even though today is 6/11/2008.

It worked until today.

How do I renew it.

I installed the ticket on another server 2003 Standard server.
0
Comment
Question by:omnbit
  • 3
  • 2
5 Comments
 
LVL 11

Expert Comment

by:pcfreaker
ID: 21763330
HI,

The certificate was retrieved from a local CA (Standalone or Enterprise) or granted by a Vendor (Verisign)?
0
 

Author Comment

by:omnbit
ID: 21763377
local CA standalone i think.

Something I set up on our local server.
0
 
LVL 11

Accepted Solution

by:
pcfreaker earned 500 total points
ID: 21763908
Oki, you could request a renewal from the IIS server:

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* Select renew certificate
* Prepare the request now, but send it later
* choose the path and file name
Go to the ie and type the ca link: i.e. http://192.168.0.1/certsrv
* On the Microsoft Certificate Services page, click the Request a certificate link
* On the Request a Certificate page, click the advanced certificate request link
* On the Advanced Certificate Request page, click the Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
* You can paste the contents of the certificate request file into the Save Request text box on the Submit a Certificate Request or Renewal Request page. Note that you can not use the Browse for a file to insert link to insert the request because the default security settings on the browser will not allow you to do so.
* Open the certificate request file and press CTRL+A to select the entire contents of the file. Press CTRL+C or right click on the selected region and click the Copy command to copy the contents of the file onto the Windows clipboard.
* Return to the Submit a Certificate Request or Renewal Request Web page. Position the insertion point at the top left of the text box on the page. Press CTRL+V or right click at the insertion point and click the Paste command.
* The contents of the certificate request file are entered into the request text box. Click the down arrow for the Certificate Template drop down list and select the Web Server certificate template. Click Submit.
* Click Yes on the Internet Explorer dialog box that warns you that youre sending unencrypted data over the network.
* On the Certificate Issued page, click the Download Certificate Chain link. Click Save on the File Download dialog box.
* Save the file to a location on the local hard disk
* Click the Close button on the Download Complete dialog box after saving the certificate to the local hard disk.
* Downloading the certificate chain provides you with both the Web site certificate you requested and the CA certificate. You can place the CA certificate into the Trusted Root Certification Authorities certificate store if it is not already in place.

The final step is to bind the certificate to the service. Perform the following steps to bind the Web site certificate to the service you want to secure:
1. Open the Internet Information Services (IIS) Manager console, right click on the service you want to bind the certificate to, and click the Properties command

Go to your IIS server and go to the web site you have with ssl.
* Right click properties and go to security, click on certificates.
* On the Pending Certificate Request page, select the Process the pending request and install the certificate open. Click Next
* On the Process a Pending Request page, use the Browse button to locate and select the Web site certificate you requested. The path and name of the certificate will appear in the Path and file name text box, click next
* Review the information regarding the certificate on the Certificate Summary page, click next.
* Click Finish on the Completing the Web Server Certificate Wizard page.
Click Ok and restart the web service.

Let me know if you get stuck.

0
 

Author Closing Comment

by:omnbit
ID: 31466229
Worked like a charm! Thx
0
 

Author Comment

by:omnbit
ID: 21772182
http://192.168.0.1/certsrv

I had to change to

the CA system IP/certsrv.

but it worked.
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

29 Experts available now in Live!

Get 1:1 Help Now