Disappearing SSL certificates from IIS 7.0 Manager



Disappearing SSL certificates from IIS 7.0 Manager


Keep in mind that they are going to cost you much.

If you have two ssl certs for a domain.com and then a sub.domain.com, these two certs cannot be installed in IIS servers upto version 7.5.  IIS8 on Windows 2012 supports it though.

Note: you need to create the csr on the machine where you will be installing the ssl certificate. otherwise, the private key is not present and the ssl certificate is not installed properly.

Solution:

Got this below information from elsewhere...

JBrunelle
April 9, 2014 at 8:01 am
If anyone is still watching this thread… I came across this with a digicert cert as well. What I did was import it anyway into IIS. After adding it, but before it disappeared I right-clicked and selected view on the cert, went to the Details tab, and selected copy to file. Selected to export the private key, and assigned a password. Then I refreshed (cert was gone) and re-imported the now .pfx cert and entered the password.

Worked like a charm.

1. Import cert anyway

2. Right-click > View

3. Details tab > Copy to File

4. Export PK, assign password, export as .pfx

5. Import new .pfx





It didn't work for me, though. Because, I had created the csr from a Centos 7 linux server.

It is indicated that the certificate may not be installed and doesn't work if the private key is not part of the SSL certificate.

So, I copied the issued certificate to my Centos 7 server and then issued the following command to export it to .pfx format

openssl pkcs12 -export -out sub.domain.com.pfx -inkey sub.domain.key -in sub.domain.com.crt -certfile sub.domain.com-intermediate-cert.crt
Enter pass phrase for sub.domain.key:
Enter Export Password:
Verifying - Enter Export Password:

In the above, enter the pass phrase you keyed in during the creation of the certificate signing request.

The resultant .pfx file created may be used to install the SSL certificate in your IIS server.

After all this effort, if you are trying to install the two certificates on an IIS 7.5 web server or less, you are bound to be unsuccessful, because multiple certs for multiple domains are supported only in IIS 8+ onwards.

That is what we found the hard way. May be we should have researched better.

So, that's what we will be doing. Setting up the Windows 2012, IIS 8+ and install the certificates separately.

Will keep you updated.

No comments:

Two Reasons Google Ads Lead Form is Rejected

Two Reasons Google Ads Lead Form is Rejected An Investigation on Why the Google Ads Lead Form in My Google Ad Got Rejected. I just...

Most Popular

Copyrighted.com Registered & Protected DWYE-NHTO-NBNH-7FFM