Untitled Document
View RSS Feed

ShipRush Ecommerce and Feature Discussion

How to Change SSL Certificate Vendors on IIS v6 (and I think also v7)

Rate this Entry
Name:  iis_logo.png
Views: 1685
Size:  4.9 KB

I couldn't find anything written on this, so here it is.

Your Problem: A Windows web server, that runs IIS, and you want to change the source of the SSL certificate. For example, maybe the current SSL certificate is from Thawte, and you want to change to use a Go Daddy SSL certificate.

The problem is: Since an SSL certificate is already installed, how do you make the new CSR file to get a Go Daddy certificate?

Here is how:

  1. Create a "dummy" web site in IIS (like "Scratch Web Site")
  2. Set it up any way you want. It will not be used. (IOW you can use a bogus directory, and all that)
  3. Now, go through the process to generate a CSR for this dummy web site (using the usual Directory Security tab)
  4. Purchase your new SSL certificate.
  5. When the new certificate is issued, install it into the dummy web site. This installs the new certificate into the Windows certificate storage system.
  6. Now, go to the production web site in the IIS Manager
  7. Go to Directory Security, to manage the SSL certificate
  8. Choose "Replace Certificate"
  9. You will now see a list of certificates, that includes the new certificate you just installed.
  10. Select the new certificate
  11. Done!

You are now an SSL Certificate guru.