Re: Certificate Export Problem

From: cswarr (cswarr_at_discussions.microsoft.com)
Date: 01/14/05 

Date: Fri, 14 Jan 2005 10:55:02 -0800

Thanks for your efforts. I had an idea...what if I remove the cert., then
re-import it on server 1, which is where it is currently being used and was
requested from? Maybe I can mark the private key as exportable during the
re-import and then the private key export would work to server 2. Sound
feasible?

"Miha Pihler [MVP]" wrote:

> Hi,
>
> Sorry, I tried this in my lab and I wasn't able to solve the problem (though
> I have in my mind that I did this some time ago for my customer).
> I will try few more things later today.
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "cswarr" <cswarr@discussions.microsoft.com> wrote in message
> news:D1F633B5-316F-4734-847E-C026B17F9407@microsoft.com...
> > OK. I was able to import the CSR into the Certificate Enrollment requests
> > on
> > my new server. There are two certs in there now, the one for my web site
> > and
> > what looks like a verisign intermediate or root cert. What's next?
> >
> > "Miha Pihler [MVP]" wrote:
> >
> >> Hi,
> >>
> >> If you have original CSR (including private key), you could import it
> >> back
> >> in Certificate MMC under computer account -> Certificate Enrollment
> >> Requests
> >> .... Once you have your original request restored you then use
> >> certificate
> >> that you received from VeriSign and proceed as if this was new request...
> >>
> >> If you don't have original request, then you will have to generate new
> >> CSR
> >> and request new certificate from VeriSign. I believe they will charge you
> >> 100 USD for this and not the full price. Still double check on this since
> >> Thawte (another CA agency owned by VeriSign) will reissue SSL certificate
> >> for free (under certain conditions -- including yours -- change of
> >> system).
> >>
> >> Feel free to post back if you need more information.
> >>
> >> --
> >> Mike
> >> Microsoft MVP - Windows Security
> >>
> >> "cswarr" <cswarr@discussions.microsoft.com> wrote in message
> >> news:759794DE-71BB-4DD1-89AA-6BEA98E815C6@microsoft.com...
> >> > Thanks for the reply. That may be the case. I must not have checked
> >> > off
> >> > the
> >> > exportable box when I installed it. I'm going to have to look around
> >> > for
> >> > the
> >> > original request. I assume you mean the original CSR? I think I have
> >> > the
> >> > certificate. If I can find them, how do I install it on the new
> >> > server?
> >> >
> >>
> >> <snip>
> >>
> >>
> >>
>
>
>

Relevant Pages

  • Re: SSL errors
    ... > Following the articles suggestions I bound a certificate ... > to the SMTP installation on this server from a MS CA we ... > private key information property attached to it. ... > the CA installed cert did not have that property page ...
    (microsoft.public.inetserver.iis.security)
  • Re: Backup "pending request"?
    ... Some CA send you the cert, ... to export the private key as well, ... Back Up a Server Certificate in Internet Information Services 5.0 ...
    (microsoft.public.inetserver.iis.security)
  • Re: Backup "pending request"?
    ... backup the private key and lose it, the cert issued by the CA is useless. ... This would imply that they only send you a private key. ... the same server that the private key is stored. ... it sounds like the CA only send out a public key? ...
    (microsoft.public.inetserver.iis.security)
  • Re: Backup "pending request"?
    ... backup the private key and lose it, the cert issued by the CA is useless. ... This would imply that they only send you a private key. ... the same server that the private key is stored. ... it sounds like the CA only send out a public key? ...
    (microsoft.public.inetserver.iis.security)
  • Re: Certificate Export Problem
    ... the server. ... "cswarr" wrote in message ... > re-import and then the private key export would work to server 2. ...
    (microsoft.public.inetserver.iis.security)