Avatar of Westez
Westez
 asked on

SSL Certs and NLB config?

Moving cert from a single Win2003-IIS 6 box to a pair of Win2008-II7 boxes that are load balanced but not an IIS 7 shared config.  Can we assign the one cert to both boxes?

The cert is assigned the name of the website and not the server.  The site name and the ip address will be assigned to the win08 servers.
Microsoft IIS Web ServerWindows Server 2008

Avatar of undefined
Last Comment
Westez

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Greg Hejl

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
prashantjain

If the certificate has the website name, of course you can
Westez

ASKER
If your moving the cert from one server to another wouldn't you need to export the private key?
prasad1390

hi Westez,

As said earlier by the experts, it is possible to install the same certificate on multiple servers. perhaps if this cert is purchased from third party CA like verisign then you need to think about the licensing part as they issue based on the no. of years X no. of servers.

happy cert migration :)
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
SOLUTION
prasad1390

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Greg Hejl

exporting the cert doesn't move it - it's a copy

and can be imported into certificate store of second server.

then open IIS manager, open server certificates, and you will see your certificate there.

highlight your website - click on bindings - edit the https entry and add the certificate.

i did this three times already today!

Westez

ASKER
I'll admit I dont' do this that often, and I found this link before I posted up. And I understand it's a copy and not a move.  The comment save it as a .pk7 file is what I was asking about, because you don't save the private key in that format.  I'm thinking that if your going to export from one box and import on another box your going to want that private key.

http://www.sslshopper.com/move-or-copy-an-ssl-certificate-from-a-windows-server-to-another-windows-server.html

And thanks for the detailed explanations.
Greg Hejl

there is a switch in the import wizard that makes the certificate exportable - this brings the private key with the cert.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Westez

ASKER
Thanks guys, if I get jammed up i'll yelp:)