Академический Документы
Профессиональный Документы
Культура Документы
Contents
Step
1
-
Generate
a
Certificate
Request
......................................................................................................
3
Step
2
Request
the
Certificate
..................................................................................................................
4
Step
3
The
Certificate
is
submitted
...........................................................................................................
4
Step
4
Receive
Certificate
.........................................................................................................................
4
Step
5
Download
Certificate
.....................................................................................................................
4
Step
6
Add
private
key
..............................................................................................................................
4
Step
7
-
Export
Certificate
with
Private
Key
.................................................................................................
5
Step
8
-
Copy
the
certificate
to
server
.........................................................................................................
8
Step
9
Update
the
Certificate
...................................................................................................................
9
Step
10
Test
and
Verify
...........................................................................................................................
10
Appendix
A
-
Certificates
on
IIS
5/6
...........................................................................................................
12
Exporting/Backing
Up
to
a
.pfx
File
....................................................................................................
12
Importing
from
a
.pfx
File
..................................................................................................................
13
Enabling
a
New
Certificate
on
a
Server
.............................................................................................
14
Revision
History
.........................................................................................................................................
15
Choose a location to write your request file to and a filename and click Finish to create the file.
Click to bring up the Open windows and browse to the directory you stored the certificate and select it, then enter its URL in the friendly name field. (note you may need to change the *.cer in the box on the bottom right of the Open windows to *.* to see the certififcate if its extension is not .cer. Click OK If you generated the certificate request from the same server you will be installing it on, you can skip to step 8.
Exporting/Backing Up to a .pfx File 1. On the Start menu click Run and then type mmc. 2. Click File > Add/Remove Snap-in. 3. Click Certificates > Add. 4. Select Computer Account and then click Next. Select Local Computer and then click Finish. Then close the add standalone snap-in window and the add/remove snap-in window. 5. Click the + to expand the certificates (local computer) console tree and look for the personal directory/folder. Expand the certificates folder. 6. Right-click on the certificate you want to backup and select ALL TASKS > Export. 7. Click next on the Welcome Screen. 8. Choose Yes, export the private key and then click next.
9. Personal Information Exchange should be selected by default if you choose to export the private key. Check the box Include all certificates in certificate path if possible and click next. Warning: Do not select the delete private key option.
10 .Type and confirm a password. This password will be needed to import the certificate on another server.
11. Choose a filename to save the certificate to and then click next. 12. Select Finish
You should receive an "export successful" message. The .pfx file is now saved to the location you selected.
7 .Follow the certificate import wizard to import your primary certificate from the .pfx file. When prompted, choose to automatically place the certificates in the certificate stores based on the type of the certificate.
6.In the site bindings window, highlight https and click edit.
7. Click the Down arrow and choose the new certificate from the listbox.
8.Click OK. Your SSL Certificate is now updated. You may have to restart IIS (World Wide Web Publishing service) for the server for it to recognize the new certificate.
Connect to the website over ssl (https) with a browser. Click on the lock icon in the address bar and then view certificates. Ensure the valid from dates have been updated.
1. On the Start menu click Run and then type mmc. 2. Click File > Add/Remove Snap-in.
4. Select Computer Account and then click Next. Select Local Computer and then click Finish. Then close the add standalone snap-in window and the add/remove snapin window. 5. Click the + to expand the certificates (local computer) console tree and look for the personal directory/folder. Expand the certificates folder. 6. Right-click on the certificate you want to backup and select ALL TASKS > Export. 7. Choose Yes, export the private key and include all certificates in certificate path if possible. Warning: Do not select the delete private key option. 8. Leave the default settings and then enter your password if required. 9. Choose to save the file and then click Finish. You should receive an "export successful" message. The .pfx file is now saved to the location you selected.
Importing
from
a
.pfx
File
1. 2. 3. 4.
On the Start menu click Run and then type mmc. Click File > Add/Remove Snap-in. Click Add > Certificates > Add. Select Computer Account and then click Next. Select Local Computer and then click Finish. Then close the add standalone snap-in window and the add/remove snapin window. 5. Click the + to expand the certificates (local computer) console tree and look for the personal directory/folder. Expand the certificates folder.
6. Right-click on the certificate you want to backup and select ALL TASKS > Import. 7. Follow the certificate import wizard to import your primary certificate from the .pfx file. When prompted, choose to automatically place the certificates in the certificate stores based on the type of the certificate.
Enabling
a
New
Certificate
on
a
Server
1. On the Start menu, click Administrative Tools > Internet Information Services (IIS) Manager. 2. In the IIS manager, right-click the site that you want to use the certificate for and select Properties. 3. Navigate to Directory Security > Server Certificate. This will start the server certificate wizard. 4. If given the option, choose to Assign an existing certificate to the site and choose the certificate that you just imported. If you do not have that option, you should be asked what you want to do with the current certificate on the site. Choose the option to replace your current certificate. 5. Browse to the .pfx file that you created earlier and then finish the certificate wizard. You may have to restart IIS or the server for it to recognize the new certificate.
Revision History