Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

I have 2 certificates produced from the same CSR, is one of them going to be useless?

Posted on 2008-06-19
3
Medium Priority
?
337 Views
Last Modified: 2011-10-03
I have 2 certificates from different public CA's that where purchased using the same CSR.  However I am only able to import 1 to the original server via  "process pending request". If I import and replace via the Certificate MMC and IIS, the server doesn't believe it has a private key to match the second certificate. I am also unable to export (with the second cert in use) to a .pfx file. I guess because of the private key issue.  I need to use the second cert, not the first.  Does anyone know how to fix this?
0
Comment
Question by:58Robinson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 18

Accepted Solution

by:
John Gates, CISSP earned 2000 total points
ID: 21829831
You used the same CSR so only the server that originally created that request will be able to import the certificate that you purchased with it.  There is nothing you can do besides (If this was a purchased 3rd party certificate) call the company and explain the problem and see if they will give you a credit for one.

-D-
0
 
LVL 5

Expert Comment

by:JuckMan
ID: 21835902
Did you try removing the first certificate from "Certificate MMC" from your server and then importing the second certificate?

depend on the certificate type, it could be in a machine store, personal store, so make sure you completely remove the first cerficate from your machine before you start installing the second certificate..

hope this helps
0
 

Author Comment

by:58Robinson
ID: 21836886
Thanks for your responses.
The certificate is a Thwate certificate.  They give free reissues for the life of the certificate I guess so an old cert can be revoked in case someone exports it (with the key) and runs off with it. So I created a new CSR on a new temporary website on the same machine and organised a reissue using the new CSR.
When it comes in I'll  "proceed with pending" and remove the other cert.

JuckMan - I exported the problem causing first cert with the key and installed on a test machine to see if any removal type scenario would work.  It doesn't.  When you delete the cert the key goes with it. Each time a CSR is created, it's a unique key and once it's "used" it's used.  Thwate confirmed what I had to do.
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question