Deleted certificate request

In IIS 6.0 on W2k3 server, I created a certificate request for a site, and
sent that in to get the cert (I still have the .txt file that was generated).


Now the bad part..... The site got deleted (it was just a temp site so I
could get the cert, so there are no backups)

When the cert came in, I wanted to import the .cer file so I could export it
to a .pfx, but after I re-create the site in IIS, I can't just import the
cert (as expected). If I create a new cert request, and then try to import
the .cer that I already received, I get the error saying that "The pending
certificate request for this response file was not found. This request may
be canceled. You cannot install selected response certificate using this
wizard."

When I open the certificates snap-in in the MMC, and look under Certificate
Enrollment Requests, I can see the original certificate request (from 6/05
while the new one shows from 7/5).

So.... 1) Is there a way for me to associate the older certificate request
with the new IIS website? or 2) Is there a way for me to import the .cer
file so that it will let me export it as a password protected .pfx file? I
can manually import the .cer file, but I cannot export it as a .pfx (I'd
assume it's due to the fact that the cert doesn't show me having the private
key associated with the cert.)

Thanks for any help. I really would like to do this without having to get a
new cert...

Thanks,
Dan

Re: Deleted certificate request

Dan wrote on Thu, 6 Jul 2006 04:57:02 -0700:

> In IIS 6.0 on W2k3 server, I created a certificate request for a site, and
> sent that in to get the cert (I still have the .txt file that was
> generated).
>
> Now the bad part..... The site got deleted (it was just a temp site so I
> could get the cert, so there are no backups)
>
> When the cert came in, I wanted to import the .cer file so I could export
> it to a .pfx, but after I re-create the site in IIS, I can't just import
> the cert (as expected). If I create a new cert request, and then try to
> import the .cer that I already received, I get the error saying that "The
> pending certificate request for this response file was not found. This
> request may be canceled. You cannot install selected response certificate
> using this wizard."
>
> When I open the certificates snap-in in the MMC, and look under
> Certificate Enrollment Requests, I can see the original certificate
> request (from 6/05 while the new one shows from 7/5).
>
> So.... 1) Is there a way for me to associate the older certificate
> request with the new IIS website? or 2) Is there a way for me to import
> the .cer file so that it will let me export it as a password protected
> .pfx file? I can manually import the .cer file, but I cannot export it as
> a .pfx (I'd assume it's due to the fact that the cert doesn't show me
> having the private key associated with the cert.)
>
> Thanks for any help. I really would like to do this without having to get
> a new cert...
>

Can't you import the response to the original request, and then assign that
to the site?

I did something similar a couple of weeks ago. We never had an OU entry in
our Thawte certs, and this year they've changed their policy to require it.
I had to generate a new cert request instead of a renewal, so I created a
new certificate for a test site, sent that to Thawte, and removed the test
site. I then imported the response from Thawte to the request in the
Certificates MMC, and then assigned that to the existing site to replace the
certificate it already had. Worked perfectly :)

Dan