Unrevoking SSL certificate in IIS7

If you go into IIS7 and delte a certificate (causing it to be revoked) - is there a way in IIS7 to unrevoke it?
tyy8Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

aisaudaliteCommented:
Hi,

unless I'm missing some information, just deleting a certificate doesn't revoke it, just prevents IIS from using SSL in communications with clients. You can alway reimport the certificate again, provided the Certification Authority hasn't revoked the certificate and you have access to it.

Hope that helps.
0
tyy8Author Commented:
When I deleted from the "SSL Certificates" area of IIS7 - it gave me a message that the certifcate was revoke. Now it won't go back in even if I start from scretch and rekey it. My only choice seems to be to reinstall windows to get back to a baseline for IIS and my certificate stores.
0
pcfreakerCommented:
Is the deleted Certificate from the same CA that you are generating the new certificate?
Since it should not be any problem in replacing a deleted or revoked certificate. What service do you have with SSL?
0
Top Threats of Q1 & How to Defend Against Them

WEBINAR: Join WatchGuard CTO and our Threat Research Team on Aug. 2nd to hear the findings from our Q1 Internet Security Report! Learn more about the top threats detected in the first quarter and how you can defend your business against them!

ParanormasticCryptographic EngineerCommented:
I'm not sure how you went about deleting it that it caused the CA to revoke it, but if it is revoked there is no turning back for that particular cert.  You shouldn't need to reinstall anything.  You should be able to request a new certificate using a new key pair and that should be issued just fine.  Make sure you are creating a new cert request with a new key, not renewing the cert using a new key.
0
tyy8Author Commented:
(this is maybe a bit strange) I did request a new certificate. Installed it, and still wouldn't go in. Notice that the .crt had also installed in the personal folder even though I had only put it in the intermediate folder. But the personal one had a key in the icon and the one in the intermediate did not - indicating to me something was different between the two. I actually dragged and dropped them so I flipped around the folder they were in and what do you know, it worked finally. So, I took it back out and this time made sure it was in the personal folder and now it installs - I had thought that the intermediate folder was what mattered.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ParanormasticCryptographic EngineerCommented:
intermediate folder is for CA certs.  Personal folder under Local Machine is where IIS is going to look.  that shouldn't cause a revoked message, so replacing the cert and placing it in the correct area were both parts of the solution
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.