Solved

Importing SSL Certifcate into IIS 8

Posted on 2014-02-04
3
2,161 Views
Last Modified: 2014-02-27
I am trying to import an SSL cert that we purchased from GoDaddy into IIS 8, but the certificate keeps getting automatically removed after import.  These are the steps that I'm taking.

Selected: Complete Certificate Request...
Provided the path to the .crt file, gave it a friendly name and selected Personal for the Certificate store and press OK.  The cert appears to be imported successfully, but as soon as I hit refresh or attempt to click on it, it disappears from the Server Certificates.

I am able to import into the Certificate store no problems though.

Any suggestions
0
Comment
Question by:datadirector
3 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 39835570
Is there anything special about this certificate?

Do you have all the intermediate certificates for GoDaddy installed?

Don't select "Personal" for the certificate store  - let the server store the certificate itself - and see if that helps.
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39836302
1st of all, let me know if certificate crt file is generated from server where you are trying to import it in IIS ?
If CSR generation server is different from server you are importing, This is expected behaviour.
If this is not the case, have you run sysprep on server post you generated CSR ? In that case also you will face issues while importing certificate.

If this is also not the case try below.
1st of all open local certificate mmc console for current user and ensure that certificate is not there ?
If you found there, then check certificate properties \ details tab and verify that its Enhanced Key usage is set to Server Authentication if it is some else, then it is not SSL certificate. If it is server authentication cert, then just copy into local computer personal store.

if you don't find cert in current user mmc console, then instead of importing certificate through IIS, open custom mmc console, add local computer certificate console there, navigate to personal store and import there and check if its working.
Also post import check certificate properties for EKU (server authentication) and in certificate properties \ General tab "You have private key corresponds to this certificate" is showing.

Mahesh
0
 

Author Closing Comment

by:datadirector
ID: 39893189
The IIS cert was originally generated on a different server running a different version of IIS. I ended up just regenerating a new request on the server I was trying to import it to. Once I did that I submitted a request to rekey the cert using the newly generated csr.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now