sam15 used Ask the Experts™
I am migrating two windows 2008 VMs (crystal server) and two RHEL 5.8 VMs (oracle servers)
from current production server to a new larger physical server.

They assigned temp IPs for the migrated machines until testing is completed.

The issue is that I need to test web applications on the new machines
and I cant migrate the current domain name and SSL certificate to the new ones.

1) Do you know how can I set a temporary test domain and set it up in DNS for testing?
Do I need to buy SSL certificates and domain for testing?

2) Would I be able to migrate the current production SSL certificates and domain name
to new machines when we go live or I need to create a new CSR on new machine and resend to certificate authority for regeneration? the machine names are different from old to new machine.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017
Use the etc/hosts files to change the IP associated with the hostnames


This will direct your browser to access the new_ip when you access

This deals with maintaing the same names/references on the test server, or you could add a test. And point them to the new iOS, and add the test to the various handlers, iis host, oracle app ....


But does not this redirect production users to new test server too (I don't want that yet)?

I want to spend several weeks testing the new machine to verify it everything runs fine but I need temp domain name and ssl ceritifcate since we use HTTPS.

If I change the hosts file on my windows 7 desktop machine, would it ignore the DNS entries for current production machine and go to new server? so the DNS will have

CURRENT_PROD_IP (prod server)

The local hosts windows file

TEMP_TEST_IP (New server)
David FavorLinux/LXD/WordPress/Hosting Savant
Distinguished Expert 2018
For your two Linux instances...

There are two primary ways SSL is handled on temporary/migrating hostnames.

1) If you're running a CMS which lends itself to running like this, you just rename your test site to... + in the case of WordPress, run wp-cli to rename all instance of to in the database.

2) More complex, is custom code + other CMS code which is poorly written... or written by novice developers who failed to code for this situation. (A seasoned developer will always code to support simple migrations + traffic scaling.)

Here's the 100% foolproof way I do this when I have to migrate non-WordPress code for a client or just setup a custom code dev site.

a) Create an LXD container for dev/test/staging site.

b) Setup dnsmasq to run inside container + remove all other DNS tech, like named + systemd-resolved, so you know dnsmasq is handling 100% of all DNS resolution.

c) In dnsmasq, setup an lookup for + to resolve to the public LXD container IP.

d) copy over your SSL certs from your production machine.

e) setup your LAMP Stack config to match your production site.

f) anyone accessing this dev site will add an /etc/hosts entry for + to match the public LXD container IP.

At this point, your SSL will work + all intra-site references will be routed to dev site by dnsmasq, rather than leaking to production site.

This type of setup has become so common for me, it's second nature now.

Using this type of config allows sites to be referenced by their normal domain name + have SSL working + with no code changes.

Perfect for sites coded with no support of migration sequences.
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Distinguished Expert 2017

The change on your local machine will only affect users logged in on it accessing that URL.
It will be limited to this one workstation.
You can always comment out (#) the line when done with testing for the day.


I am not sure what CMS, LXD are and we don't use LAMP or wordpress.

I only need a TEST DOMAIN NAME for the oracle apache web server. Database machine is accessed using web server using client/server connection.

Let us my current production machine has domain name "" with IP address
The new web server machine has no domain now. IT has IP address

1) Can I setup in my local test workstation host file for testing purposes "" and Would this work?
2) Can I really copy the SSL certificate files from old machine to new machine? I thought the CSR normally includes machine name or domain name or something specific for the machine?
Distinguished Expert 2017

LAMP - Linux Apache MySQL PHP
LXD are containers to run application/system as an alternative to VM without the Overhead resource cost.
CMS Content Management System drupal, joomla, wordpress

On the workstation from which you will be testing the new environment, adding the new IP and the hostname in the hosts file as I outlined will let you from that workstation only to access the test environment.

The new System where you have copied setup

Lets start from the beginning what is it you are trying to do?
Are you trying to setup a test environment to match your current production. In this case you can use your workstation with virtualbox or VMWARE and setup a guest system onto which you will build t.......

You can export the certificate into a PFX/pcks12 with the private key and the imported on the new machine.


I am migrating an old production physical machine to a new physical machine. It runs VMware so we have Linux and windows VMs running on it.

We are copying the VMs for windows but reinstalling RHEL and oracle servers on Linux.

SO I need to test applications on those new machine to see how they run before doing final production migration.

Are you saying I can test using same domain name by adding the new machine IP to the local host file on test machine and export the SSL certificate and import it on new machine? Cant you do a certificate file copy for certificate/. I am not sure this will work as the CSR might be different of it includes hostname.
Distinguished Expert 2017
Yes, the new system will have new IPs unless you plan on reusing the same IPs from the systems in production on the new one that will replace them.

IMHO, it is better to transition using new IPS new Hostname, and have DNS and Firewall distribute the requests once the new machines go in production in the interim for testing, the configuration on the new machines can be to include the system's hostname in the references if multiple bindings are permitted.
if you are doing an end to end test, the hosts files on the test machine should include references to the hostnames on which they rely
i..e. to avoid the application server hitting the production sql server, the hosts file on the application server should include the IP of the new database server.

The complexity depends on your setup and what we are talking about.

Commonly it is simple for webservers as they often go by
potentially an application server for flexibility sake would not use the but might use that can be controlled through DNS entry updates....

At times, a small typo left over from a testing phase using test names, when placed in production a small ......

Depending on your environment, and options, settings the LAB like where all the requisite components are on the same isolated segment where there is a system from which you can test..

Exporting the ceriticate with private key, (password protect) will let you import the pair on the new system.

You are not changing the access, as noted above the presumption that you have a reference that is not servername based but is unique/flexible and exists only in DNS and points to an IP that corresponds to the hostname/servername of the node.... (virtual or physical)


yes, I plan to use new IPs temporarily for testing purposes only. After testing is completed, we plan to reuse current productions IPs for new servers. Reason for that we have so many firewall rules locally and remotely at customer site based on these IPs

I am going to test the edit for hosts file to run same domain on new machine.

do you know what to use for export/import of ssl certificates for Linux and windows servers?
PberSolutions Architect

No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

-- arnold (https:#a42393626)
-- David Favor (https:#a42394149)
-- arnold (https:#a42398997)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Experts-Exchange Cleanup Volunteer

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial