Solved

Importing SSL Certifcate into IIS 8

Posted on 2014-02-04
3
2,153 Views
Last Modified: 2014-02-27
I am trying to import an SSL cert that we purchased from GoDaddy into IIS 8, but the certificate keeps getting automatically removed after import.  These are the steps that I'm taking.

Selected: Complete Certificate Request...
Provided the path to the .crt file, gave it a friendly name and selected Personal for the Certificate store and press OK.  The cert appears to be imported successfully, but as soon as I hit refresh or attempt to click on it, it disappears from the Server Certificates.

I am able to import into the Certificate store no problems though.

Any suggestions
0
Comment
Question by:datadirector
3 Comments
 
LVL 33

Expert Comment

by:paulmacd
ID: 39835570
Is there anything special about this certificate?

Do you have all the intermediate certificates for GoDaddy installed?

Don't select "Personal" for the certificate store  - let the server store the certificate itself - and see if that helps.
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39836302
1st of all, let me know if certificate crt file is generated from server where you are trying to import it in IIS ?
If CSR generation server is different from server you are importing, This is expected behaviour.
If this is not the case, have you run sysprep on server post you generated CSR ? In that case also you will face issues while importing certificate.

If this is also not the case try below.
1st of all open local certificate mmc console for current user and ensure that certificate is not there ?
If you found there, then check certificate properties \ details tab and verify that its Enhanced Key usage is set to Server Authentication if it is some else, then it is not SSL certificate. If it is server authentication cert, then just copy into local computer personal store.

if you don't find cert in current user mmc console, then instead of importing certificate through IIS, open custom mmc console, add local computer certificate console there, navigate to personal store and import there and check if its working.
Also post import check certificate properties for EKU (server authentication) and in certificate properties \ General tab "You have private key corresponds to this certificate" is showing.

Mahesh
0
 

Author Closing Comment

by:datadirector
ID: 39893189
The IIS cert was originally generated on a different server running a different version of IIS. I ended up just regenerating a new request on the server I was trying to import it to. Once I did that I submitted a request to rekey the cert using the newly generated csr.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now