Solved

rename a wildcard SSL certificate in IIS

Posted on 2015-01-28
10
142 Views
Last Modified: 2015-02-18
We have a working wildcard SSL certificate.         *.cissltd.com     i exported the PFX file from a working server and imported on another server.

We are trying to use host headers on the second server - and somehow the wildcard "*" prefix in the name got dropped....any idea on how to rename with the wildcard prefix?
CISS-cert.rtf
0
Comment
Question by:bensonwalker
  • 5
  • 5
10 Comments
 
LVL 33

Expert Comment

by:it_saige
ID: 40575618
Wild card prefixes are generated when you add the certificate to a site.Capture.JPGCapture.JPGThe name you are seeing:Capture.JPGIs just the friendly name and does not affect the certificates validity.  It's sole purpose is to allow for you to easily identify the certificate when choosing to bind it.

-saige-
0
 
LVL 1

Author Comment

by:bensonwalker
ID: 40575627
I believe you are correct - maybe it is a microsoft IIS issue - but host headers don't work without that friendly name having the "*." in front of it..........can I just readd (import_) the certificate again and rename in the process?  the problem is I don't think importing from IIS give you the chance to name the certificate....maybe I need to re-export and then re-import?
0
 
LVL 33

Expert Comment

by:it_saige
ID: 40575640
Importing/Exporting does not give you the option to rename or change the certificate in anyway.  This would invalidate the certificate.

What does the certificate look like on the original server?  When you exported the certificate, did you export it as a PFX?

-saige-
0
 
LVL 1

Author Comment

by:bensonwalker
ID: 40575660
yep, the original server has the wildcard in the name. export and import through PFX
0
 
LVL 1

Author Comment

by:bensonwalker
ID: 40575662
you can see the original server in the RTF file I posted
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 33

Expert Comment

by:it_saige
ID: 40575680
You may be correct that it is an IIS issue, but that should not preclude you from assigning the host header value in the hostname text box.

Have you bound the certificate to a new site and not been able to validate the certificate when accessing the new site via HTTPs???  

-saige-
0
 
LVL 1

Author Comment

by:bensonwalker
ID: 40575716
yep, the cert works outside of IIS host headers.  https://www.cissltd.com   is a site under that cert
0
 
LVL 33

Accepted Solution

by:
it_saige earned 500 total points
ID: 40575732
I can validate the certificate linked to that site:Capture.JPG-saige-
0
 
LVL 1

Author Comment

by:bensonwalker
ID: 40575746
right, we seem to have an IIS bug with host headers.  headres only work if the cert name is *.cissltd.com .....now, how can I rename it?
0
 
LVL 33

Expert Comment

by:it_saige
ID: 40575756
Lets try using the Certificate Console instead of IIS (something may have been lost in translation ;) )...

https://www.geocerts.com/support/migrate_iis

Comodo even says to do this:

https://support.comodo.com/index.php?/Knowledgebase/Article/View/678/0/exporting-and-restoring-a-pfx-file-to-iis

-saige-
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
OpenSSL and generating new certificate request 3 78
aix tls version 6 224
In what cases will server send empty session id during TLS handshake 3 74
Certificate for Exchange 5 56
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now