IIS certificate and security

Posted on 2014-04-09
Last Modified: 2014-05-01

I have two quick questions:

1.  I have a hot/warm server architecture for my IIS server in that if the primary fails, I will have to restore my SQL database backup to the warm server; however I'm unsure of what I would need to do for my IIS security certificate.  It is installed on the primary server as and was wondering how I would re-install it on the warm?  Can I do it as the same name of the hot or do I have to change the name?  I'd like to install it now, but don't want it to interfere with the current hot server.

2.  What is the best way of securing IIS?  I was going to run MBSA to have it scan for patches, but was also wondering how to harden it better.

Question by:soadmin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 29

Accepted Solution

becraig earned 500 total points
ID: 39990546
Export the certificate from the HOT IIS server
MMC.exe - add remove snapin
computer account
local computer

identify the certificate in use and right click on it and export
be sure to click "Export Private Key"
save to a .pfx file.

Copy that file to the warm server and then install via the mmc
MMC.exe - add remove snapin
computer account
local computer

Right click on certificates and import
Point to the file you just created
Enter the password etc and proceed to complete.

Once that is done you can bind the cert to the relevant site in IIS and leave the site down until you need to fail over.

You can do it all as the same name just leave the warm server not running until you actually need to fail over.
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39992126
Copy that file to the warm server and then install via the mmc
Make sure to include any Root and Intermediate Certificates if needed.  Here is a guide on that if you need to:
LVL 29

Expert Comment

ID: 40013748
Do you need any additional help on this issue, or is it resolved ?

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question