Tricky certification request procedure help


I have a customer in which they need to renew certificates in iis.

This time they want me to do the request.

So, what is the relevant procedure for this? Since it is a renewal, should i asked which cert authority they have used? Or can i create the request without that information?

LVL 12
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
You can identify all of the certificate info directly within the Certificate itself. Are you planning on re-generating a new CSR? If you are typically you need to do this directly from the server where the cert will be used. Other Certs like SAN/UCC certs you can create the CSR on one server and then when you complete the CSR request you can export the private key which will allow you to import the cert on another machine.

jazzIIIloveAuthor Commented:
But is it important to know the certification auth to do this?
Can/Should i extract any information from the existing certs? Or is it not relevant?

This is just for SSL btw.

Will SzymkowskiSenior Solution ArchitectCommented:
If you are actually doing a Renewal then you need to use the same 3rd party SSL provider that originally assigned the certificate. If this is not a true renewal and you have to re-generate a new CSR then you do not need to use the same SSL provider.

Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

jazzIIIloveAuthor Commented:
"If you are actually doing a Renewal then you need to use the same 3rd party SSL provider that originally assigned the certificate."

Thanks. Is it possible to extract this information from the current certificates?

Will SzymkowskiSenior Solution ArchitectCommented:
All you need to do is go to the URL of the site, Double click the Pad Lock SSL icon, then click the on the Certification Path Tab and it will tell you the Root and Intermediate Certificate Authorities. This is who you will contact to do the renewal.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jazzIIIloveAuthor Commented:
Thanks. A final question, once i see the authority, should i follow the instructions for Renewal? And if the instructions are missing, is there any generic renewal request for windows that i should follow?

And as a bottom line, this renewal request is actually not different than an initial request?
Will SzymkowskiSenior Solution ArchitectCommented:
For a renewal request without creating a new CSR you will need to contact the 3rd Party SSL provider directly and this is done on there send.

In the event that they need the CSR this is basically stated the entrie process over again.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.