Re: Replacing SSL Cert in IIS 5 w/no downtime?
From: Miha Pihler [MVP] (mihap-news_at_atlantis.si)
Date: Mon, 17 Jan 2005 23:52:33 +0100
You should be able to generate new CSR with existing certificate working
while you wait for new one.
If you for some reason can't do that, you can always create new virutal
website on your server and point it to new temporary directory. On this site
create a request for new certificate. Once you get the certificate back from
your certificate vendor process the request as usual on temporary site. Now
you have an option to assign this certificate to your old site with
practical no down time.
If you want you could do this whole process on completely separate computer.
Once you get new certificate, export it (with private key -- *.pfx) and
import it to your web server and assign it to your SSL protected web site.
I hope this helps...
-- Mike Microsoft MVP - Windows Security "Chris H" <firstname.lastname@example.org> wrote in message news:uFdltCO$EHA.2788@TK2MSFTNGP15.phx.gbl... >I have a SSL cert on a website in IIs 5 > I need to replace it with a new one. The only way I can see to generate > the CSR > is to get rid of the current one and then I can generate a CSR for a new > one. > The whole company though, points to https:// > For the 24 hours from when I remove the old one and install the new one > there > will be problems for everyone . . . > > is there a way to generate a CSR for a new cert and leave the old one in > place until > the new cert is ready? > > Cheers! > > Chris