I was taken aback yesterday when I got this request. Good to know stuff for *nix guys, never know when you get a similar request. :-)
1) Download new Trusted Root Cert.
2) Move the new certificate mynew.crt to server that needs update
Caution:
You can NOT simply double click on the cert once it is on the server as that will install the cert to the currently logged in users Trusted Authorities. Use the instructions below to install the cert for the entire server
- Log into the server
- Start run, type mmc on run line and hit enter
- In the MMC Console click on File -> Add/Remove Snap-In
- In Add/Remove Snap in window click on Add
- In Add Standalone Snap-in window select Certificates and click on Add
- In the Certificates snap-in window make sure Computer Account is selected and click on Next
- In the select Computer window verify Local computer is selected and click on Finish, that window will close
- Back in the Add Standalone Snap-in window click on Close, that window will close
- Back in the Add/Remove Snap-in window click on Ok
- In the MMC console left pane, expand Certificates
- Expand Trusted Root Certification Authorities
- Right click on Certificates and select All Tasks -> Import…
- In the Certificate Import Wizard click on Next
- At the next screen click on browse and browse to the location of mynew.crt and click on Next
- Verify that it will be installing the cert to Trusted Root Certification Authorities and click on Next
- Verify info on screen and click on Finish
- From a command prompt, recycle IIS by running “iisreset /restart”
- After IIS has been cycled test the web site
DK
I must thank my colleague 'Brant Grygiel' who enlightened me on this stuff the other day.. Thanks Brant!! You Rock!
ReplyDelete