Home > Lync > How to assign a private key to a new certificate after you use the Certificates snap-in to delete the original certificate in Internet Information Services

How to assign a private key to a new certificate after you use the Certificates snap-in to delete the original certificate in Internet Information Services


To assign the existing private key to a new certificate, you must use the Microsoft Windows Server 2003 version of Certutil.exe. To do this, follow these steps:

  1. Log on to the computer that issued the certificate request by using an account that has administrative permissions.
  2. Click Start, click Run, type mmc, and then click OK.
  3. On the File menu, click Add/Remove Snap-in.
  4. In the Add/Remove Snap-in dialog box, click Add.
  5. Click Certificates, and then click Add.
  6. In the Certificates snap-in dialog box, click Computer account, and then click Next.
  7. In the Select Computer dialog box, click Local computer: (the computer this console is running on), and then clickFinish.
  8. Click Close, and then click OK.
  9. In the Certificates snap-in, expand Certificates, right-click the Personal folder, point to All Tasks, and then click Import.
  10. On the Welcome to the Certificate Import Wizard page, click Next.
  11. On the File to Import page, click Browse.
  12. In the Open dialog box, click the new certificate, click Open, and then click Next.
  13. On the Certificate Store page, click Place all certificates in the following store, and then click Browse.
  14. In the Select Certificate Store dialog box, click Personal, click OK, click Next, and then click Finish.
  15. In the Certificates snap-in, double-click the imported certificate that is in the Personal folder.
  16. In the Certificate dialog box, click the Details tab.
  17. Click Serial Number in the Field column of the Details tab, highlight the serial number, and then write down the serial number.
  18. Click Start, click Run, type cmd, and then click OK.
  19. At the command prompt, type the following:
    certutil -repairstore my "SerialNumber"
    SerialNumber is the serial number that you wrote down in step 17.
  20. In the Certificates snap-in, right-click Certificates, and then click Refresh.
    The certificate now has an associated private key.

You can now use the IIS MMC to assign the recovered keyset (certificate) to the Web site that you want.

 

Reference: http://support.microsoft.com/kb/889651

Advertisements
Categories: Lync
  1. August 6, 2014 at 10:46 pm

    Wiihh makin canggih lo Gan..
    Oia gan kalo misalkan gua punya vmware view connection server mau ganti certificate.. Nah Cara request di CA gmn caranya ya Gan?

  2. August 6, 2014 at 10:52 pm

    Wiihh makin canggih aja lo Gan..
    Oia gua mau nanya nih.. Misalkan gua mau ganti certificate di VMware view connection server, request di CA gmn caranya ya Gan?
    Soalnya gua udah coba, begitu restart services web console admin malah error

  3. August 6, 2014 at 10:54 pm

    bikin aja CA server di windows server udah bisa kok, request CSRnya bisa dari web server IIS atau klo bawaan vmware juga ada juga bisa, btw ini siapa ya?

    • August 6, 2014 at 11:35 pm

      BHaahahahaa… Nama gua kg nongol ya?
      Masih ngetest di lab, blom di production.. Gua create 1DC disitu gua jadiin CA dan udah ada iis jg tentunya.. 1 vcenter & 1view connection server.. Udah gua request dan gua add di view tapi begitu service gua restart pas buka webnya malah gak tampil.
      Somse bener lu coy.. Ni gua donny

  4. Anonymous
    August 7, 2014 at 2:33 pm

    ga tampil gimana, lu udah assign belum ke CA yang baru….

    • August 7, 2014 at 8:13 pm

      udah bisa bro,, gua searching di kb vmware nemu caranya

  1. December 8, 2014 at 2:38 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: