+49 (0) 7245 919 581 info@eunetic.com
[EN]
Login
  1. Home
  2. europeanSSL Knowledge Base
  3. EuropeanSSL Install
  4. How do I copy an SSL certificate from one Windows server to another Windows server?
europeanSSL
Knowledge Base

How do I copy an SSL certificate from one Windows server to another Windows server?

Copying an SSL certificate from one server to the other may be necessary if you operate several servers and want to use a WildCard certificate. The export of an SSL certificate is also very important if you change your hosting provider.

At this point, we assume that you have already successfully installed your SSL certificate on one of the Windows webservers. The following instructions explain in 3 sections how to copy or transfer the certificate to another server.

  • Export the SSL certificate together with Private Key and all intermediate certificates to a .PFX file.
  • Import the SSL Certificate and Private Key to the new server.
  • Configuration of the web page related to your SSL certificate.


This guide explains how to export an SSL certificate using the MMC console. If you are using a Windows Server 2008 (IIS7), you can export the certificate directly in the "Server Certificates" section of the IIS.

1
Exporting the Certificate from the Windows MMC Console
  1. Click Run in the Start menu.
  2. Enter mmc and click Ok.
  3. Select File and then click Add/Remove Snap-in... If you are using Windows Server 2003, click on the Add button. Then double-click on Certificates.
  4. Select the option Computer Account and click on Next.
  5. Leave the default option Local Computer and click on Finish. If you are using Windows Server 2003, click the button Close and then click OK.
  6. Now click on the plus button in the left menu next to Certificates.
  7. Now click again on the plus button next to Personal Folder and then click on the folder Certificates. Right-click on the certificate you want to export. Then select All Tasks and then the option Export...
  8. In the Certificate Export Wizard, click Next.
  9. Now select the option Yes, export the private key and click on Next.
  10. In the section Personal Information Exchange please mark the option Include all Certificates in the certificate path if possible.
  11. Now please create a password that you can remember well. This password is required every time you want to import the certificate on a different server.
  12. Click on Browse and select a location for the .pfx file. Choose a file name like mydomain.pfx and click on Next.
  13. Click on Finish.
  14. The .pfx file with your certificate and the PrivateKey is now stored in the folder you specified before.
2
Import a certificate via the Windows MMC console
  1. After you have successfully exported your certificate, please upload the created .pfx file to the new server.
  2. Click on Run in the Start menu.
  3. Type mmc and click OK.
  4. Click on the menu File and then on Add/Remove Snap-in... If you are using Windows Server 2003, click the Add button. Then double-click on Certificates.
  5. Select the option Computer Account and click on Next.
  6. Leave the default option Local Computer and click on Finish. If you are using Windows Server 2003, click the Close button. Then click OK.
  7. Right click on the folder Personal, select the option All Tasks and then Import....
  8. In the Certificate Import Wizard please click on Next.
  9. Now click on the button Browse... and change the file type from x.509... to Personal Information exchange (*.pfx, *.p12).
  10. Now search for the imported .PFX file and click on Open, then on Next.
  11. Please enter the previously created password for your .pfx file here. Make sure to activate the option Mark this key as exportable. This ensures that you can export the certificate from this server again. Then click on Next.
  12. In the next window please mark the option Automatically select the certificate store based on the type of certificate and click on Next.
  13. Click on Finish to complete the Import Wizard.
  14. You can now click the button Resfresh in the toolbar, then you will see the certificate in the folder Personal / Certificates.
  15. You can check your installation by double-clicking on the certificate and looking for the entry You have a private key that corresponds to this certificate at the bottom of the page.
  16. Close the MMC console. A further saving is not necessary.
3
Assign the imported SSL certificate

After you have successfully imported the .pfx file, it must still be assigned in IIS.

  1. In IIS, call the hostname to which you want to assign the certificate.
  2. Go to the tab Diretory Security and click on the button Server Certificate to start the Server Certificate Wizard.
  3. If you have already set up a certificate for this hostname, you must first remove it and restart the wizard.
  4. Now click on Assign an existing Certificate and then on Next.
  5. Select the imported certificate and click Next.
  6. Click on Finish. It may be necessary to restart the server to make the certificate work for the hostname.


In case you experienced any problem or have any question about the process, please do not hesitate to contact our support.

Was this article helpful?

No Yes