Re: Deleted certificate request

From: "Daniel Crichton" <msnews@xxxxxxxxxxxxxxxx>
Date: Thu, 6 Jul 2006 13:34:15 +0100

Dan wrote on Thu, 6 Jul 2006 04:57:02 -0700:

In IIS 6.0 on W2k3 server, I created a certificate request for a site, and
sent that in to get the cert (I still have the .txt file that was
generated).

Now the bad part..... The site got deleted (it was just a temp site so I
could get the cert, so there are no backups)

When the cert came in, I wanted to import the .cer file so I could export
it to a .pfx, but after I re-create the site in IIS, I can't just import
the cert (as expected). If I create a new cert request, and then try to
import the .cer that I already received, I get the error saying that "The
pending certificate request for this response file was not found. This
request may be canceled. You cannot install selected response certificate
using this wizard."

When I open the certificates snap-in in the MMC, and look under
Certificate Enrollment Requests, I can see the original certificate
request (from 6/05 while the new one shows from 7/5).

So.... 1) Is there a way for me to associate the older certificate
request with the new IIS website? or 2) Is there a way for me to import
the .cer file so that it will let me export it as a password protected
.pfx file? I can manually import the .cer file, but I cannot export it as
a .pfx (I'd assume it's due to the fact that the cert doesn't show me
having the private key associated with the cert.)

Thanks for any help. I really would like to do this without having to get
a new cert...

Can't you import the response to the original request, and then assign that
to the site?

I did something similar a couple of weeks ago. We never had an OU entry in
our Thawte certs, and this year they've changed their policy to require it.
I had to generate a new cert request instead of a renewal, so I created a
new certificate for a test site, sent that to Thawte, and removed the test
site. I then imported the response from Thawte to the request in the
Certificates MMC, and then assigned that to the existing site to replace the
certificate it already had. Worked perfectly :)

Dan

.

Prev by Date: Re: IIS passing server credentials rather than user credentials
Next by Date: Re: login problem with iis and webdav.
Previous by thread: Re: File Access Permissions on Webserver when hosting a Website
Next by thread: Basic Authentication for only one special user
Index(es):
- Date
- Thread

Relevant Pages

RE: Recovery agent for EFS, how can i get it done PLEASE HELP
... How are you requesting the Cert? ... > enterprise admins still cant request cert everytime i request i get this ... > The certificate cannot be installed because of one or more of the following ... >>> Recovery and cannot be added as a recovery agent. ...
(microsoft.public.windows.server.active_directory)
RE: Wireless connection problem from XP Pro SP2 to SBS 2003
... I go to request a certificate. ... I went ahead and requested a User cert, ... This computer can connect to other wireless networks without problems. ...
(microsoft.public.windows.server.sbs)
Re: Unable to install Godaddy cert on SBS R2 Standard box
... That is was why I started to install the Turbo cert. ... "Please create a new request,and request for a new certificate from ... Godaddy(issue a new certificate),then install the new certificate. ...
(microsoft.public.windows.server.sbs)
RE: Recovery agent for EFS, how can i get it done PLEASE HELP
... What type of cert do you want? ... simply have the user encrypt a ... > request new certificate and then i choose the template, ... > Certificate Request Wizard ...
(microsoft.public.windows.server.active_directory)
Re: Create certificates with CA
... you are using an enterprise CA - this prevents one user from getting a cert ... purpose which does not require authentication. ... > At the moment the only method I have of getting a certificate to a user is ... > to get their machine to browse to CertSrv and request a cert. ...
(microsoft.public.win2000.security)