How To Move Or Copy SSL Certificate With IIS

Security Certificates

These are electronic certificates for validating your website’s domain pages against the server they are being retrieved from.  In simple terms if you have a website with no certificate in place it will have a URL of HTTP://www.yourwebsite.com.  Once you have a certificate in place the URL will show up in browsers as HTTPS://www.yourwebsite.com.

Export Certificate:

The following guide will assist you with moving or copy SSL Certificate from one server machine or virtual machine to another.  Also know as exporting an SSL certificate.

In the following we will start with exporting the certificate from a machine with a valid or non expired certificate.  After obtaining a copy of the password protected SSL Cert we will import it onto the new machine using the IIS Management Tool.

Make sure you have the correct user permissions to access the machines and read/write for any temporary storage locations.

Prerequisites: 

  • 2 machines (either virtual or physical or combination)
  • 1 copy of the SSL Certificate existing in IIS on one of the machines (copy SSL Certificate from host then skip to Step 2.)

How to move or copy SSL certificate

Exporting (Copy SSL Certificate)
export your Ssl certificate from a machine

Step 1

1. Navigate to IIS and highlight your machine in the hierarchy.

Step 2

2. Double click Server certificates icon in the middle window pane off IIS

Step 3

3. Highlight the certificate that you want to copy.

Step 4

4. From the right most window in IIS click the Export link

Step 5

5. Find the location that you want to save the Certificate too.  Probably the desktop or a network drive you have access to.

Step 6

6. Choose a password (only used for importing and exporting protection)

The IIS import Link on the client machine or serverImporting

Step 1

1. Go to the IIS Mangement Tool on the destination machine

Step 2

2. Copy the certificate to the desktop or a temporary location for importing later.

Step 3

3. Navigate to IIS and highlight your machine in the hierarchy.

Step 4

4. Double click Server certificates icon in the middle window pane of IIS

Step 5

5. Click the Import Link in the right most window of IIS

Step 6

6. Open file location import (site:personal seems to work fine)

No need to CMD netsh. IIS attaches the Certificates

 

Additional Notes:

Once you have a copy of the exported certificate there is no need to repeat step one for additional machines.  As long as you remember the password that you have attached to the exported certificate it can be placed on as may machines as you like.

Valid Certificate Not Working

It is also important to remember that if you update your certificate from your hosting provider then all of your previous SSL certificates for that domain will no longer be active.  You will then have to re import and export the new SSL certificate to all your machines.  *NOTE: Even if the certificate is not expired, grabbing a new copy of the certificate from your hosting provider will break all the existing certificates located on all other machines.