Re: Microsoft Certificate Services
From: Pent (pent)
Date: Wed, 5 Nov 2003 11:09:23 -0500
.cer doesn't have a private key. .pfx file normally has certificate and
When you generate certificate request in IIS, the private key will be
already stored in the store. So if you get a certificate back from CA for
the certificate request from IIS then after you install the .cer it will be
associated with the original private key.
"trinitypete" <firstname.lastname@example.org> wrote in message
> Sorry, I should have said, I did import it to the local
> machine personal folder. Then I assign the server
> certificate to IIS SSL - everything seems OK but SLL
> doesn't work. For some reason the private key doesn't get
> imported from the cer file unless it is via the first
> option in the previous mail.
> >-----Original Message-----
> >You have to know where to import it to
> >"trinitypete" <email@example.com> wrote in message
> >> Hi all,
> >> I have a question regarding certificates which I hope
> >> some one can explain. (Win2003 & XP Pro)
> >> I needed a web server certificate (SSL) so I did the
> >> following:
> >> IIS - Request certificate to send later, creates text
> >> file.
> >> Using web UI for Microsoft Certificate Services,
> >> request. Submit a certificate request by using a base-
> >> encoded CMC or PKCS #10 file, or submit a renewal
> >> by using a base-64-encoded PKCS #7 file. Copy in the
> >> contents of the text file and a certificate is issued.
> >> This is the bit I need clarifying.
> >> ----------------------------------
> >> THIS WORKS
> >> If you go back into IIS - server certificate and check
> >> pending request, browse to the certificate file
> >> by Microsoft Certificate Service - the certificate is
> >> imported along with the private key from the .cer file.
> >> THIS DOESNT
> >> If you didn't do the above and just install the
> >> certificate from opening the .cer file and selecting
> >> install, or import the certificate via MMC snap in, you
> >> dont get the private keys????
> >> Any help would be appreciated.
> >> Pete.