Solved

Importing SSL Certifcate into IIS 8

Posted on 2014-02-04
3
2,175 Views
Last Modified: 2014-02-27
I am trying to import an SSL cert that we purchased from GoDaddy into IIS 8, but the certificate keeps getting automatically removed after import.  These are the steps that I'm taking.

Selected: Complete Certificate Request...
Provided the path to the .crt file, gave it a friendly name and selected Personal for the Certificate store and press OK.  The cert appears to be imported successfully, but as soon as I hit refresh or attempt to click on it, it disappears from the Server Certificates.

I am able to import into the Certificate store no problems though.

Any suggestions
0
Comment
Question by:datadirector
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 39835570
Is there anything special about this certificate?

Do you have all the intermediate certificates for GoDaddy installed?

Don't select "Personal" for the certificate store  - let the server store the certificate itself - and see if that helps.
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39836302
1st of all, let me know if certificate crt file is generated from server where you are trying to import it in IIS ?
If CSR generation server is different from server you are importing, This is expected behaviour.
If this is not the case, have you run sysprep on server post you generated CSR ? In that case also you will face issues while importing certificate.

If this is also not the case try below.
1st of all open local certificate mmc console for current user and ensure that certificate is not there ?
If you found there, then check certificate properties \ details tab and verify that its Enhanced Key usage is set to Server Authentication if it is some else, then it is not SSL certificate. If it is server authentication cert, then just copy into local computer personal store.

if you don't find cert in current user mmc console, then instead of importing certificate through IIS, open custom mmc console, add local computer certificate console there, navigate to personal store and import there and check if its working.
Also post import check certificate properties for EKU (server authentication) and in certificate properties \ General tab "You have private key corresponds to this certificate" is showing.

Mahesh
0
 

Author Closing Comment

by:datadirector
ID: 39893189
The IIS cert was originally generated on a different server running a different version of IIS. I ended up just regenerating a new request on the server I was trying to import it to. Once I did that I submitted a request to rekey the cert using the newly generated csr.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question