SSL Certificate for IIS 6.0 after Domain change

I have an IIS 6.0 server that was configured with an SSL certificate. That
server was moved into a different domain and I am now having trouble applying
a new SSL certificate to this IIS server.

The web server cannot seem to talk directly to the certificate server in the
new domain. I generated an SSL certificate by browsing to the certificate
server in IE, but IIS won't import the certificate.

For grins, I went into the IIS Certificate Wizard on the IIS server and
selected "Assign an existing certificate". What appears on the list is the
certificate for the "old" domain that the server used to be part of. It
appears that IIS still "remembers" from whence it received it's original SSL
certificate and doesn't want to accept anything else now.

What must be done to convince IIS to import the new certificate? Do I need
to reinstall IIS? Rebuild the server? Or is there a less-drastic solution?

Thanks.

--

Steven Hughes - MCSD

RE: SSL Certificate for IIS 6.0 after Domain change

I could be wrong, but I think you have to contact the issuer of the SSL cert
and have it converted to the new domain. They will probably charge you for
this. The reason I believe this is so is because the domain is encoded in
the information that was sent to the SSL issuer when it was originally
requested. You can't just take SSL certs and throw them around different
domains. There might be some special certs that allow this, but they would
probably cost more. Contact the SSL issuer and they'll let you know for sure.
Sorry I can't speak with much more authority...
-Larry
"Steven Hughes" wrote:

> I have an IIS 6.0 server that was configured with an SSL certificate. That
> server was moved into a different domain and I am now having trouble applying
> a new SSL certificate to this IIS server.
>
> The web server cannot seem to talk directly to the certificate server in the
> new domain. I generated an SSL certificate by browsing to the certificate
> server in IE, but IIS won't import the certificate.
>
> For grins, I went into the IIS Certificate Wizard on the IIS server and
> selected "Assign an existing certificate". What appears on the list is the
> certificate for the "old" domain that the server used to be part of. It
> appears that IIS still "remembers" from whence it received it's original SSL
> certificate and doesn't want to accept anything else now.
>
> What must be done to convince IIS to import the new certificate? Do I need
> to reinstall IIS? Rebuild the server? Or is there a less-drastic solution?
>
> Thanks.
>
> --
>
> Steven Hughes - MCSD

RE: SSL Certificate for IIS 6.0 after Domain change

Actually, I am the issuer of the certificate. We have a lab with multiple
domains and a certificate server in each. The old domain has been shutdown
and is no longer available so it is not possible to simply update an the
existing certificate from the old domain's certificate server.


--

Steven Hughes - MCSD


"Larry" wrote:

> I could be wrong, but I think you have to contact the issuer of the SSL cert
> and have it converted to the new domain. They will probably charge you for
> this. The reason I believe this is so is because the domain is encoded in
> the information that was sent to the SSL issuer when it was originally
> requested. You can't just take SSL certs and throw them around different
> domains. There might be some special certs that allow this, but they would
> probably cost more. Contact the SSL issuer and they'll let you know for sure.
> Sorry I can't speak with much more authority...
> -Larry
> "Steven Hughes" wrote:
>
> > I have an IIS 6.0 server that was configured with an SSL certificate. That
> > server was moved into a different domain and I am now having trouble applying
> > a new SSL certificate to this IIS server.
> >
> > The web server cannot seem to talk directly to the certificate server in the
> > new domain. I generated an SSL certificate by browsing to the certificate
> > server in IE, but IIS won't import the certificate.
> >
> > For grins, I went into the IIS Certificate Wizard on the IIS server and
> > selected "Assign an existing certificate". What appears on the list is the
> > certificate for the "old" domain that the server used to be part of. It
> > appears that IIS still "remembers" from whence it received it's original SSL
> > certificate and doesn't want to accept anything else now.
> >
> > What must be done to convince IIS to import the new certificate? Do I need
> > to reinstall IIS? Rebuild the server? Or is there a less-drastic solution?
> >
> > Thanks.
> >
> > --
> >
> > Steven Hughes - MCSD