Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Replacement IIS6 SSL certs 1

Status
Not open for further replies.
newtonetworks

newtonetworks

Technical User
Dec 8, 2008
4
GB
Hello All,
Hoping someone can provide me with some quick help here. I have load balanced web servers (2003, IIS6), with a secure site that needs it's SSL certificate replacing, I generated a CSR on 1 of the web servers, and bought a new certificate with a 2 server license form Verisign. I have this new certificate installed on both web servers, but when I select "Replace the current certificate" in IIS, and install the new cert the secure section of the site stops working.
The certificate is definitely valid.
The Intermediate and root Verisign CA's already exist on both web servers and dont expire until 2016.
I've tried restarting the website, IIS and the entire web server but with the new certificate but with no luck.

Can anyone let me know what Im doing wrong? Does IIS6 not like .cer format? Should I not be using the "Replace current certificate" option?
Any help greatly appreciated, existing cert expires in less than 48 hours!

Thanks in advance.
 
Sort by date Sort by votes
I have only limited experience of this but as far as I recall when you go back to the IIS site from where you generated the CSR and start the We Server Certificate Wizard it should present you with the option to "Process the pending request". You then get the opportunity to direct the wizard to the new certificate.

Are you sure you are on the correct site ?

Hope that helps


 
Upvote 0 Downvote
That's correct, but there is only a pending request on 1 server that the CSR was generated on. On this server, I followed the "Complete a pending request" procedure, on the second web server I simply replaced the existing certificate.

This is the usual way to complete this, as the certificate must be identical on both servers, so only 1 will ever have the pending request. The CSR is specific to the web site and not the web server.

Thank you very much for the reply, any other ideas?
 
Upvote 0 Downvote
Exporting to .pfx for installation on the second server worked perfectly.

Thank you!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Stijn
  • Locked
  • Question
No access from LAN to FTP-site with SSL
Replies
0
Views
56
Stijn
Stijn
jefferj54
  • Locked
  • Question
SSL Certificate for Remote Desktop
Replies
0
Views
55
jefferj54
jefferj54
Remou
  • Locked
  • Question
SSL Bindings 2
Replies
2
Views
80
Remou
Remou
Halliarse
  • Locked
  • Question
IIS6 Migration to IIS8, cannot browse .ASP pages
Replies
1
Views
56
guitarzan
guitarzan
StaplesMan
  • Locked
  • Question
Block accessing Bad SSL certificat sites via GPO
Replies
2
Views
88
58sniper
58sniper

Part and Inventory Search

Sponsor

Back
Top