Install a certificate after having deleted the pending certificate request
When a pending certificate request is deleted the link between the private key and IIS is lost as well. The certificate cannot then be correctly installed. The link does not exist anymore but the private key is still in the Micrsoft IIS certificate store. Microsoft created a tool allowing th certificate installation even after the request desappearance: Certutil.exe.Certutil tool has to be used with command lines: Start > Run and enter "cmd".
And follow the steps:
- First, find the tool: %windir%\system32.
- Enter certutil -addstore my certificate.p7b
- Go to the file manager, in the repertory where the .p7b file is and do right click > properties on the .p7b file
- Right click on the certificate and select properties
- look for the serial number field and copy it (CTRL+C)
- Go back to the command and enter certutil -repairstore my "serial number"
- In IIS: right click > properties on the site to be secured, then go to the repertory security tab, server certificate button, choose replace and select the new certificate you just imported
The certificate.p7b parameter is the certificate you want to install. Do not forget the "my" argument!
You should see a message like: CertUtil: -addstore command completed successfully
serial number matchs the serial number previously registered. Do not forget the "my" argument and the quotes!
You should see the message: Encryption test passed CertUtil: -repairstore command completed successfully.
The link between the private key and the certifcate has been restored. Now the certificate must be installed on the site.
If the verification returns an error the installation failed. You'll have to reissue your certificate.
Last edited on 07/29/2013 13:53:07 --- [search]